Results 1 to 2 of 2

Thread: CRL distribution points checking

  1. #1
    Edward Davies Guest

    CRL distribution points checking

    I found this very usufull i however have a question ..

    CAs maintain CRLs and publish them to specific CRL distribution points. The CRL distribution points are included in the CRL Distribution Points property of the certificate. If the CRL distribution points cannot be
    contacted to check for certificate revocation, then the certificate revocation check fails.

    We have three distribustion CRL distribution points. One of the points was offline and the Radius server failed to check the othre two pointss.

    can ccomeone please explain how the radius server decides what CRL puiont to use.. I would have expected it to use the other two if one fails ??

  2. #2
    Join Date
    Nov 2009
    Posts
    955

    Re: CRL distribution points checking

    For a clean test, have you attempted restarting IAS server later than issuing new CRL? CRL is cached and doesn't refill each time a client connects. Certificate revocation checking performance for NPS can be customized with registry settings. Because certificate revocation checking can stop client access because of the unavailability or termination of CRLs for every certificate in the certificate chain, design your PKI for great ease of use of CRLs. For instance, configure manifold CRL distribution points for every CA in the Certificate hierarchy and configure journal plans that ensure that the most present CRL is all the time obtainable.

Similar Threads

  1. Getting Name of the distribution by using commands
    By Valdis in forum Operating Systems
    Replies: 4
    Last Post: 12-11-2010, 07:38 AM
  2. Checking FPS in Crysis?
    By Elijah2010 in forum Video Games
    Replies: 6
    Last Post: 18-05-2010, 10:38 PM
  3. Checking the 3.5 floppy
    By Rafiq in forum Windows Software
    Replies: 3
    Last Post: 31-01-2009, 01:08 PM
  4. Need help in checking the speed of ram
    By zoaib in forum Motherboard Processor & RAM
    Replies: 1
    Last Post: 24-12-2008, 08:35 PM
  5. Restarting without checking
    By TyReal in forum Windows Software
    Replies: 2
    Last Post: 24-12-2008, 10:01 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Page generated in 1,711,694,281.40894 seconds with 17 queries