locked
PKI and revocation question RRS feed

  • Question

  • Good morning everyone,

    I have a question regarding PKI and revocation but I cannot find the right forum to post. I saw a forum dedicated to security. However, I cannot see it as an available choice when I ask a question. Do you have any idea please ?

    Meanwhile, I am setting up a PKI and I want to get the quickest revocation publication.If one of our laptops get stolen, for example, I want the firewall to get the revocation information as fast as possible to block any vpn attempt.

     #1 : I was initially going with CRL but the update delay can be quite long. Is configuring overlapping a viable way to force newer CRL download ?

     #2 : I thought OCSP could directly query the revocation database on the CA, but it seems it only queries CRL. Is it correct or am I missing something ?

    Basically, I would like to know how you do to get the revocation information published as fast as possible.

    Thank you for your time !

    Sunday, November 1, 2020 8:57 PM

Answers

All replies

  • I'd try asking for help over here.

    https://docs.microsoft.com/en-us/answers/topics/windows-server-security.html

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    • Marked as answer by Hobbit 32 Monday, November 2, 2020 6:23 AM
    Sunday, November 1, 2020 9:41 PM
  • Thank you !
    Monday, November 2, 2020 6:23 AM
  • You're welcome.

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Monday, November 2, 2020 12:19 PM