Moved a CA, need to change CDP/AIA

  • Thread starter Thread starter _TFA
  • Start date Start date
T

_TFA

Guest
Hi guys,

We have an old server which was our enterprise root CA in the domain. However we wanted to migrate the CA to a new server, so we could remove the old server from the domain. There are some tutorials out there on how to do this, I used this one:
Moving Certificate Services To Another Server | PeteNetLive

And this migration went OK, however, when we request new certificates they still refer to the old server for the certificate revocation list distribution point (CDP). But again there are tutorials on how to change this, this time I used one from Microsoft:
Configure the CDP and AIA Extensions on CA1

So I went through all the steps. Basically I changed http://oldserver.domain/certentroll/crlname.crl to http://newserver.domain/certentroll/crlname.crl and I checked to make sure the links work. I did this for HTTP and file access for both the CDP and AIA as described in the article. However when I request a new certificate it still lists http://oldserver.domain/certentroll/crlname.crl as the CRL, which is offline. How can I change the CRL listed in the certificate CDP to use the new CRL?

Thanks a lot!

Continue reading...
 
You must log in or register to reply here.

Similar threads

H
Smart card logon on windows says "Signing with a smart card isn't supported for your account. For more info, contact your admin".
Replies
0
Views
2
Hanish Gopi
H
R
How to avoid windows security warning pops up during a signed driver installation
Replies
0
Views
4
Resmi Jose
R
R
How to avoid windows security warning pops up during a signed driver installation
Replies
0
Views
3
Resmi Jose
R
Z
CDP extension versus AIR on certifiacte
Replies
0
Views
4
zooshan
Z
H
Smart card logon on windows says "Signing with a smart card isn't supported for your account. For more info, contact your admin".
Replies
0
Views
3
Hanish Gopi
H
Back
Top