Answered by:
OCSP issue in MS CA

Question
-
Scenario:
Platform : Domain is on Windows 2016 and Functional level for both domain and forest level is windows 2012R2. CS server is Windows 2016. Currently we have two enterprise PKI env.
Old Env: Single Server served as Root CA and Issuing CA
New Env: Two layer architecture: Offline Root CA and Enterprise Issuing CA
Requirement: To fix the OCSP issue in MS CA. CDP and AIA is working but OCSP validation have issue. Though OCSP configuration showing no error.
Screenshot:
---------------- Certificate OCSP ----------------
Failed "OCSP" Time: 0
Error retrieving URL: Method not allowed (405). 0x80190195 (-2145844843 HTTP_E_STATUS_BAD_METHOD)
The Email Security system has identified and removed an uncategorised URL in the email
Also PKI view shows below error:
https://filestore.community.support.microsoft.com/api/images/fb02783f-36ad-41e8-a829-79476ca13f18?upload=true
Any suggestions would be highly appreciated. Thank you.
Regards,
SoumenG
Tuesday, July 23, 2019 3:52 PM
Answers
-
Hello,
Thank you for posting in our TechNet forum.
I noticed that this post is consistent with another post Deb_bose sent, URL:
https://social.technet.microsoft.com/Forums/windowsserver/en-US/9546e491-47e7-43dd-84e3-fc730210058d/ocsp-verification-failed-with-error-code?forum=ws2016
If we can confirm that the two posts are the same, then in order to ensure the support efficiency, we will merge the two posts and will reply and assist you in the merged post, thank you for your understanding.
Meanwhile, we can try the way on the above similar post to check if it helps.
If there is anything unclear, please feel free to let us know.
Best Regards,
Daisy Zhou
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.
- Edited by Daisy ZhouMicrosoft contingent staff Wednesday, July 24, 2019 7:01 AM
- Proposed as answer by Hamid Sadeghpour SalehMVP Friday, September 6, 2019 12:05 PM
- Marked as answer by Hamid Sadeghpour SalehMVP Sunday, October 27, 2019 10:47 AM
Wednesday, July 24, 2019 7:00 AM
All replies
-
Hello,
Thank you for posting in our TechNet forum.
I noticed that this post is consistent with another post Deb_bose sent, URL:
https://social.technet.microsoft.com/Forums/windowsserver/en-US/9546e491-47e7-43dd-84e3-fc730210058d/ocsp-verification-failed-with-error-code?forum=ws2016
If we can confirm that the two posts are the same, then in order to ensure the support efficiency, we will merge the two posts and will reply and assist you in the merged post, thank you for your understanding.
Meanwhile, we can try the way on the above similar post to check if it helps.
If there is anything unclear, please feel free to let us know.
Best Regards,
Daisy Zhou
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.
- Edited by Daisy ZhouMicrosoft contingent staff Wednesday, July 24, 2019 7:01 AM
- Proposed as answer by Hamid Sadeghpour SalehMVP Friday, September 6, 2019 12:05 PM
- Marked as answer by Hamid Sadeghpour SalehMVP Sunday, October 27, 2019 10:47 AM
Wednesday, July 24, 2019 7:00 AM -
Hi,
If this question has any update or is this issue solved? Also, for the question, is there any other assistance we could provide?
Best Regards,
Daisy ZhouPlease remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.Friday, July 26, 2019 11:01 AM -
Hi,
I am just writing to see if this question has any update. If anything is unclear, please feel free to let us know.
Thanks for your time and have a nice day!
Best Regards,
Daisy ZhouPlease remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.Monday, July 29, 2019 8:28 AM