none
Public CRL vs Internal CRL DirectAccess Clients

    Question

  • Do we need public CRL for Windows 10 clients only?

    We do not plan support ever Windows 7 clients therefor we would like to use only private (internal) PKI infrastructure and not having any external dependency from 3rd party CA.

    samedi 16 juin 2018 07:48

Réponses

  • As far as I know, the public CRL is not absolute requirement for DA clients, they will use internal CRL while connecting via DA. 

    MCSE Mobility 2018. Expert on SCCM, Windows 10 and MBAM.

    • Marqué comme réponse Paul.SP lundi 9 juillet 2018 07:56
    lundi 18 juin 2018 12:45

Toutes les réponses

  • Hi,

    What do you mean by Public CRL? 3rd party?
    You can use you own PKI for DirectAccess but for me, you always need to publish the CRL.

    If you clients are outside your network, they need to check if the certificate has not been revoked.

    Gérald



    lundi 18 juin 2018 07:21
  • As far as I know, the public CRL is not absolute requirement for DA clients, they will use internal CRL while connecting via DA. 

    MCSE Mobility 2018. Expert on SCCM, Windows 10 and MBAM.

    • Marqué comme réponse Paul.SP lundi 9 juillet 2018 07:56
    lundi 18 juin 2018 12:45
  • After successful deployment I can confirm that there is no clear information in the MS documentation if this is the case when you deploy only Windows 10.

    To be clear there is no need to have public CRL when you deploy DirectAccess for Windows 10 clients.

    lundi 9 juillet 2018 07:56