Questions tagged [crl]

A Certificate Revocation List (CRL) is a blacklist of revoked or compromised serial numbers of certificates. As a serial number has no direct relationship to a certificate and can be fabricated in a compromised CA, it is considered a weak blacklist.

72 questions
0
votes
1 answer

Does IIS 6.0 Log CRL Checks?

I am adding a 3rd party OCSP responder (Tumbleweed) plugin to IIS 6.0/Windows. I have the 3rd party tool configured to check the revocation status and would like to assert that IIS is not making a duplicate check. Is there a log (other than the IIS…
Kevin
0
votes
1 answer

Found CRL is expired - revoking all certificates until you get an updated CRL

My Apache-based application running on my VPS has recently stopped serving SSL transactions. I am getting errors like the following in the error_log: [Tue Aug 24 12:39:00 2010] [warn] Found CRL is expired - revoking all certificates until you get…
user42561
0
votes
0 answers

Are CRLs updated automatically for the user after a certificate is revoked?

I'm clueless about how this CRL/OCSP works. We do have a local enterprise CA, and the CRL publication interval was set to 8 days. As we were told, when the certificate is revoked, it does not immediately apply / update to the user windows &…
boxi
0
votes
0 answers

Certificate revocation on IIS (CRL and OCSP)

I need to figure out how certificate revocation works on IIS. The certificate we are working with contains both a URL to the CRL and OCSP. As I understand, by default IIS uses CRL to verify if a certificate is revoked, is that right? If it's true - can I just…
Ash
0
votes
1 answer

Can a server certificate from a CA not have CRL URLs?

I'm trying to create a validation for server certificates and one of the things I need to do is to check if the certificate is revoked, but the server certificates from a specific server seem to not have a CRL URL which I would use to retrieve the CRL…
nicolasassi
0
votes
1 answer

OpenVPN issue verifying CRL

With an OpenVPN/EasyRSA 3 setup (split machines for CA and VPN entry point), I'm facing the issue that whatever CRL I generate, OpenVPN seemingly cannot handle it. Setup Overview: Things That Go Well I was following these guidelines to set up the…
jbndlr
0
votes
1 answer

Domain Member Servers - Accessing Certificate Revocation List (CRL)

In my environment I have an Enterprise Root CA installed on a domain controller and a separate domain controller configured as a Subordinate CA - I know this isn't recommended for security reasons but it's what I inherited. The Certificate Enrollment…
0
votes
1 answer

How does OCSP handle deleted certificates?

We have a Microsoft Certificate Authority running on Windows Server 2019. We are issuing certificates to Android devices via an MDM. The Android device users browse to a web application (hosted by Apache, implemented in PHP 8) using the Chrome web…
0
votes
1 answer

LDAP service not running on Windows Server 2019

I have 2 Windows Server 2019 machines, e.g. server1 and server2. server1 is the domain controller. server1 has the below roles installed: ADDS, ADCS, DNS, FILE STORAGE, IIS. server2 is connected to that domain controller. server1 has the below roles installed: ADCS,…
Ghansham
0
votes
1 answer

number of crl certificate(s) or pem certificate(s) present in p7s file

Q. How can we find out the number of CRL files or number of PEM files that can be generated from a P7S file? I understand (from here) that the data that is contained in a P7S file is nothing but the encoded (in ASN1, DER format) data of PEM…
csavvy
-1
votes
1 answer

SSTP SERVER without certificate check

Is it possible to make an SSTP server where clients don't need certificates? If I want to use Linux or MikroTik RouterOS as a client, do I have to do something extra in the SSTP server (Windows Server 2008)?
sazu1976
-1
votes
1 answer

CertUtil: The directory service encountered an unknown failure. 0x800720ef (WIN32: 8431 ERROR_DS_UNKNOWN_ERROR)

I am trying to publish revoked certificates and I am getting an unknown failure when using the Certificate Authority console: The Application Log in the Event Viewer: It says: Active Directory Certificate Services could not publish a Delta CRL…