I have recently installed EntIssuing and EntRoot CAs for the test environment that I am gonna do. They both are kept online and afterwards I have configured it like below:
For EntRoot, I have used the below
- I have left CDP and AIA locations on default.
- All the base CRL publication is of 1 week, and there are no Delta CRLs.
- I have also deleteted all certificate tmpls from CA>Certificate Templates except Subordinate Certification Authority.
For EntIssuing, I have used the below
- I have left CDP and AIA locations on default
- All the base CRL publication is 1 Days, and there are Delta CRL publication at every 6 hours, and AD replication is 2 hours
- I have also created new FirmaEFS cert tmpl upon the Basic EFS, on its Properties>Superceded Templates tab add Basic EFS, and after that deleted Basic EFS from CA>Certificate Templates.
The problem now is that I got some certificates which were based on FirmaEFS cert tmpl on my client pc for 2 different users by using the Certificates snap-in console. But after if i try to use them for encryption then I get some kind of error saying that "revocation server offline". Is there any fix to this problem?
Bookmarks