Re: PkiView.msc - where does it get its info?

---

• From: "Joe" <jwdaigle@xxxxxxxxxxxxx>
• Date: Tue, 27 Mar 2007 08:36:02 +0800

---

"Brian Komar [MVP]" <bkomar@xxxxxxxxxxxxxxxxx> wrote in message
news:MPG.20717c242b53b31a9896ce@xxxxxxxxxxxxxxxxxxxxxxx

In article <eNP8ew5bHHA.264@xxxxxxxxxxxxxxxxxxxx>,
jwdaigle@xxxxxxxxxxxxx says...

I have an Online issuing CA in an server 2003 R2 AD environment. When I
first brought the CA up, I mistyped the AIA & CDP extensions. I typed
http::// (note the double ::). I have now seen the error of my ways, so
went to the CA administration applet, and corrected it.

However, PKIView is not seeing the updates on that same server.

Do I need to somehow republish or reissue the certificate and/or CRL now
that the correct AIA & CDP URLs are specified?

Thank you for any information,

Joe

If I remember correctly, the PKIView information is
being taken from the latest CA exchange certificate
(validity period is 1 week) issued by the CA.
If you delete the certificate out of the CA's local
machine store, you should request a new one, with the
correct information

Brian

Ah, I see. I have been driving myself crazy trying to figure out how to fix
my typing mistake. I would change it, wait for AD to update, and then check
pkiview - still the same.

But now I notice that all issued certificates have the incorrect AIA & CDP
in them (with the double ::). I have 40 workstation authentication
certificates that are "wrong". And they dont expire for a year :-(. Is
there a way that I can change their expiration date? Maybe I could update
the Workstation Authentication template to have them expire in a day or
something? Would that work?

As far as PKIView, not a big deal, I just checked and the CA Exchange cert
expires tomorrow, which is your memory is correct should fix the PKIView
issue.

Thank you very much for your help,

Joe


.

---

• Follow-Ups:
  • Re: PkiView.msc - where does it get its info?
    • From: Brian Komar [MVP]

• References:
  • PkiView.msc - where does it get its info?
    • From: Joe
  • Re: PkiView.msc - where does it get its info?
    • From: Brian Komar [MVP]

• Prev by Date: Re: BE VERY CAREFUL, AS YOU MIGHT BE A VICTIM OF SCAM/FRAUD RIGHT NOW!!
• Next by Date: Re: PkiView.msc - where does it get its info?
• Previous by thread: Re: PkiView.msc - where does it get its info?
• Next by thread: Re: PkiView.msc - where does it get its info?
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: PkiView.msc - where does it get its info? ... I mistyped the AIA & CDP extensions. ... PKIView is not seeing the updates on that same server. ... Do I need to somehow republish or reissue the certificate and/or CRL now ... (microsoft.public.security) Standalone Root CA ... AIA to a location within our AD and one on a web server. ... certificate and published a new CRL. ... certutil -dspublish to import the AIA and CDP information into AD. Used ... (microsoft.public.windows.server.networking) Re: PkiView.msc - where does it get its info? ... I mistyped the AIA & CDP extensions. ... PKIView is not seeing the updates on that same server. ... Do I need to somehow republish or reissue the certificate and/or CRL ... I have 40 workstation authentication ... (microsoft.public.security) Re: PkiView.msc - where does it get its info? ... I mistyped the AIA & CDP extensions. ... PKIView is not seeing the updates on that same server. ... Do I need to somehow republish or reissue the certificate and/or CRL ... I have 40 workstation authentication ... (microsoft.public.security) Re: PKIView URL configuration ... PKIView also uses the CDP and AIA URLs in the certificates issued by the CAs ... (microsoft.public.platformsdk.security)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.security  > 2007-03