Jump to content


Established Members
  • Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About BryanC

  • Rank
  1. I understand how to request the cert and why.. my question was after requesting it.. it was there in cert auth under issued certificates but it wasn't installed on the server I requested from. I know I can install cert manually.. I was just wondering why it says it installed but it really didn't.. BY THE WAY>>>> Can you tell me HOW TO CHANGE THE DELTACRL LOCATION #2 from http://dc2k16entsubca.egmc.org/CertEnroll/DC2K16ENTSUBCA-CA+.crl to http://pki.egmc.org/certentroll/DC2K16ENTSUBCA-CA+.crl like yours... I have been trying for hours to change...\ all my other issues I have worked out … this is the only one I just cant find or figure out.. I have gone back over your pub's and nothing...……...HELP
  2. Hello again, I do have one more question that I was never really sure about when I followed your guide. certutil -f -dspublish "E:\dc2k16EntCA_DC2K16ENTCAROOT.crt" RootCA ( ROOTCA ; Were we supposed to change that to the server name : dc2k16entCA (if so should it be FQDN) or leave it as ROOTCA certutil -f -dspublish "E:\DC2K16ENTCAROOT.crl" RootCA ( ROOTCA ; same here: Were we supposed to change that to the server name : dc2k16entSUBCA (if so should it be FQDN) or leave it as ROOTCA your input would be most appreciated!!!!
  3. Please disregard my previous post.. BUT in chapter 8 you show the way to verify all is well . I am having no issues with auto enrollment.. but when I do the certutil -url c:\windows.cer, the OCSP shows verified, when I do the retrieve certs from AIA and CDP .. I get no urls… I cant seem to find anything to correct this that isn't very confusing?? Also maybe I am doing something wrong when request a cert thru the web browser.. https://dc2k16entsubca/certsrv and fill out the form.. I go thru the steps and finally it tells me to install cert.. I do.. but when I look at mmc w/cert I don't see the cert .. but it is in the Cert Auth on the issuing Server.. Am I doing something wrong, or should I be doing something else.. (this server is not in autoenrollment) ..
  4. I have been following your articles very closely.. I use an offline server, a issuing server, a web server... I have done all the steps thru step 5 and when I use PKIView.msc the display shows me the my root has an error. the error is gthe cdp location #1 is unable to download. I canty figure out why... below is the errored line. (HELP) I am going a bit crazy trying to figure out why? ldap:///CN=DC2K16ENTCAROOT,CN=dc2k16EntCA,CN=CDP,CN=Public Key Services,CN=Services,CN=Configuration,DC=egmc,DC=org?certificateRevocationList?base?objectClass=cRLDistributionPoint
  • Create New...