O'Reilly logo

Windows Server® 2008 PKI and Certificate Security by Brian Komar

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Troubleshooting Certificate Validation

The misconfiguration of CA certificate and CRL publication points is the most common error in a PKI. If the publication points are referenced incorrectly, it can result in certificate validation errors, CA failures, issuance failures, logon failures, and more.

Note

Note

If the certificate chaining engine cannot find an updated CRL as referenced in the CDP extension of a certificate, the chaining engine invalidates the certificate with a revocation status: "Cannot determine the revocation status of the certificate," also known as the revocation unknown status code. This revocation status is considered by most applications ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required