Re: Certificate Server Revocation Process

From: Fred Yarbrough (
Date: 04/19/03

From: "Fred Yarbrough" <>
Date: Fri, 18 Apr 2003 17:39:37 -0500

    Yes I think so. I see it as a URL that was installed by default by the
Certificate Server installation process
(http://%server_dns_name%/CertEnroll/%CA_Name%%CRL_suffix%.crl). I can
browse to this file from the browser and it prompts me to either Open it or
Save it. I also found an article that is fairly detailed at

    I am researching this but it just does not behave like I would have


"Guogang" <> wrote in message
> 1. Do you have CRL distribution point in your certificate?
> 2. Your CRL publication is not real time. It will be published at next
> scheduled time.
> "Fred Yarbrough" <> wrote in message
> news:eQbYvQfBDHA.2264@TK2MSFTNGP12.phx.gbl...
> > I and using Windows 2000 Server have setup a StandAlone Root CA and
> a
> > certificate to my StandAlone Subordinate CA. From my StandAlone
> Subordinate
> > CA I have issued numerous website certificates. Everything appears to
> > good to go and working properly. I decided to try and revoke a
> certificate
> > for a website and did so. When I hit the website, there is no
> > that the certificate has been revoked. I would have expected to get
> > flashing indication that the webserver was using a REVOKED certificate
> > that it was no longer valid. How does this work? Heck, I even went to
> the
> > Root CA and Revoked my Subordinate CA's certificate. It shows up on the
> > Root CA as being revoked but still I see no indication that anything has
> > changed. I am reading about the CRL file but still see no way to
> > it. How is this supposed to work? I am not finding much info on it
> > anywhere.
> >
> >
> > Thanks,
> > Fred
> >
> >

Relevant Pages

  • Re: Certificate revokation
    ... Is there a way to revoke a certificate and that the revokation will be ... > delta CRL that can be published every few hours with only the changes ... As long as it is valid clients can cache it and use ...
  • Re: Certificate Server Revocation Process
    ... Certificate Server installation process ... Do you have CRL distribution point in your certificate? ... I decided to try and revoke a ... >> flashing indication that the webserver was using a REVOKED certificate ...
  • Re: How to revoke the root CA certificate ?
    ... This is why protecting the root CA's priv key is so vital. ... have issued any certs for use from the root, so first revoke all certs for ... >>>I have a standalone certificate authority on Windows Server 2003, ... But what certificate is used to sign the CRL... ...
  • Re: Revoked Security Certificates
    ... The owner of a certificate can often revoke it him/her self, ... the company no longer wants the certificate to be used, ... > I was trying to purchase a product at a website. ... > alert stating that the site had a revoked security ...
  • Re: How to validate client certificate?
    ... The ideal thing would be to get IIS to check the revocation of the ... certificate for you. ... remains true even if I revoke the cert. ...