locked
Internet CRL cannot be connected from Internal network RRS feed

  • Question

  • I don't know what have been happened...

    crl.company.com Internel crl address goes through DA server to internal CA -server. Other crl locations is working properly... CRL list is following..

    http://crl.company.com
    http://CA-01.addomain.com
    ldap://CN=CompanyEnterpriseCA,....

    Because http://crl.company.com is not accessed fron internal network, this will cause problems on workstations.

    How this http://crl.company.com can be published to the internal network from DA server?

    Friday, February 10, 2012 1:18 PM

All replies

  • I'm not sure that I fully understand the question but if you are trying to run your CRL website on the DA server I would change that. Use the DA server for DA, not as a general webserver.

    Further, I assume you are talking about the CRL for the IP-HTTPS listener, is that correct? If that is the case, I greatly recommend purchasing a certificate from a public CA instead of trying to use your own. You will save yourself all of these headaches.

    Friday, February 10, 2012 1:25 PM
  • Future plan include public CA, but not right now.

    Some Computer personal certificates generates problems, when computer is resolving CompanyEnterpriseCA. When DA client crl location was working also in internal network, then everything was working properly.

    There's no webserver on DA server, only trunk/cdp.

    Friday, February 10, 2012 5:26 PM