Designing PKI Object Publication

To enable certificate validation, you must ensure that a CA’s certificate and CRL are available for download by the certificate chaining engine. This is done by confirming that the certificate and CRL are available by using the desired protocols from the desired locations and are published at the required intervals.

Choosing Publication Protocols

Determining the protocols used for CA certificate and CRL retrieval is the first step in choosing publication points. The following protocols are available the Windows Server 2003 and Windows Server 2008 PKIs:

  • HTTP. The Hypertext Transfer Protocol (HTTP) provides the most flexibility. Almost all client computers have a Web browser installed that allows access to HTTP URLs. ...

Get Windows Server® 2008 PKI and Certificate Security now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.