locked
CRL

    Întrebare

  • I've installed an Edge server. Imported our internal CA to be trusted. I also imported the CRL. However every morning at 2am the Edge server (OCS Certificate Manager) it trys to download the CRL for the private cert, which it can't do through our firewall.

     

    Everything seems to be working fine, will this eventually cause a problem. What are the steps I would need to take to allow the Edge server to download the CRL?

     

    Thanks

    17 iulie 2008 16:20

Răspunsuri

  • No, this won't cause a problem.  It just means that the Edge server won't know if you revoke a certificate from your internal CA.  Given that the only certificates it interfaces with are the ones for your OCS server(s), this isn't really a

    security risk.  If you wanted to work around it you simply need to give the Edge server HTTP access to the CRL URL, which you can find on the properties of the CA certificate.

    18 iulie 2008 13:49