Creating the Certificate Revocation List – Part 3.

My final blog about this topic… and following on from here.

The CDP is up and running, and immediately clients are “happier”, insofar as a machine can be happy >_>

In order to confirm the certificates are picking up the CDP, they need to be reissued, as these changes will only affect certificates issued post change.

Firstly I viewed an existing certificate:

No reference to a HTTP source.

No reference to a HTTP source.

…and as you can see htere is no reference to a CDP at the bottom. I then manually renewed a certificate on my test PC, opened the certificate and confirmed the presence of a CDP.

...and now we have a publicly available CRL.

…and now we have a publicly available CRL.

Le fin! Well sort of… now I have to deploy an updated certificate to several thousand PCs. Joy.

 

 

Advertisements

Flame on xD

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s