How to make the Certificate Revocation List accessible

In this part of our VPN setup guide, learn how to make the Certificate Revocation List (CRL) accessible by removing the SSL requirement.

This Content Component encountered an error

The default Enterprise Certificate Authority installation requires clients to use an SSL connection to download the Certificate Revocation List. While this may sound like a good idea, there's a bug in Windows Server 2008 that prevents it from working properly. Therefore, we must remove the SSL requirement. To do so, perform the following steps on your Enterprise Certificate Authority:

  1. Open the Server Manager and navigate through the
    Vista VPN setup guide, part 2
    Learn how to configure Windows Vista workstations in part 2 of our Vista VPN setup guide.
    console tree to Server Manager | Roles | Web Server (IIS) | Internet Information Services (IIS) Manager.
  2. When the Internet Information Services (IIS) console opens, navigate through the console tree to your server | Sites | Default Web Site | CertEnroll.
  3. Click on the Feature View button found at the bottom of the results pane, then double-click the SSL Settings icon.
  4. When the SSL Settings screen appears, deselect the Require SSL check box, and click the Apply button.

Stay tuned for a step-by-step guide to client-side Vista VPN configuration.


Vista VPN setup guide, part 1

  Introduction
  Set up a domain controller
  Install DHCP services
  Install Active Directory Certificate Services
  Install IIS
  Request a machine certificate
  Install the Routing and Remote Access Service role
  Configure the VPN server
  Publish the Certificate Revocation List
  Make the CRL accessible

Brien Posey
About the author
Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. Brien has served as the CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer he has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit Brien's personal Web site at
http://www.brienposey.com .

This was first published in May 2008

Dig deeper on Computer Network Installation and Administration Projects

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

MicroscopeUK

SearchCloudProvider

SearchSecurity

SearchStorage

SearchNetworking

SearchCloudComputing

SearchConsumerization

SearchDataManagement

SearchBusinessAnalytics

Close