CRL RRS feed

  • Question

  • I've installed an Edge server. Imported our internal CA to be trusted. I also imported the CRL. However every morning at 2am the Edge server (OCS Certificate Manager) it trys to download the CRL for the private cert, which it can't do through our firewall.


    Everything seems to be working fine, will this eventually cause a problem. What are the steps I would need to take to allow the Edge server to download the CRL?



    Thursday, July 17, 2008 4:20 PM


  • No, this won't cause a problem.  It just means that the Edge server won't know if you revoke a certificate from your internal CA.  Given that the only certificates it interfaces with are the ones for your OCS server(s), this isn't really a

    security risk.  If you wanted to work around it you simply need to give the Edge server HTTP access to the CRL URL, which you can find on the properties of the CA certificate.

    Friday, July 18, 2008 1:49 PM