|
Posted by gal.alton@gal-eli.com on July 17, 2007, 8:26 am
Please log in for more thread options
Hi
i have setup OCSP using the "Installing, Configuring, and
Troubleshooting the Microsoft Online Responder" article
installation was successful
I issued a cettificate and revoked it
in the certificate there is no CDP and AIA contains ocsp URI
i am running certutil -URL test.cer to test ocsp and it is verify
even
though i revoked it
OCSP is using 5 minutes CRL refresh and works well
it looks like i am using cache values
when changing the clock 1 day ahead i am getting revoked result
I tried "certutil -setreg chain\ChainCacheResyncFiletime @now" and
nothig
how can I configure my client to use fresh data
what is the best practices?
Gal Alton
| 
XML Sitemap