Step-by-Step Guide

How to make the Certificate Revocation List accessible

The default Enterprise Certificate Authority installation requires clients to use an SSL connection to download the Certificate Revocation List. While this may sound like a good idea, there's a bug in Windows Server 2008 that prevents it from working properly. Therefore, we must remove the SSL requirement. To do so, perform the following steps on your Enterprise Certificate Authority:

  1. Open the Server Manager and navigate through the

    Requires Free Membership to View

  1. Vista VPN setup guide, part 2
    Learn how to configure Windows Vista workstations in part 2 of our Vista VPN setup guide.
    console tree to Server Manager | Roles | Web Server (IIS) | Internet Information Services (IIS) Manager.
  2. When the Internet Information Services (IIS) console opens, navigate through the console tree to your server | Sites | Default Web Site | CertEnroll.
  3. Click on the Feature View button found at the bottom of the results pane, then double-click the SSL Settings icon.
  4. When the SSL Settings screen appears, deselect the Require SSL check box, and click the Apply button.

Stay tuned for a step-by-step guide to client-side Vista VPN configuration.

Vista VPN setup guide, part 1

  Set up a domain controller
  Install DHCP services
  Install Active Directory Certificate Services
  Install IIS
  Request a machine certificate
 Install the Routing and Remote Access Service role
 Configure the VPN server
  Publish the Certificate Revocation List
 Make the CRL accessible

Brien Posey
About the author
Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. Brien has served as the CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer he has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit Brien's personal Web site at

This was first published in May 2008

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: