I thought I had this question answered but I just want to make sure. I have an offline Enterprise root CA and I have one online issuing CA. The offline root CA CRL publication interval is 16 weeks.
A week or two before that expires, I am suppose to go to the offline CA console - Revoked Certificates - All Tasks - Publish. Then on the offline CA, browse to the certenroll directory and copy the .CRL file to a flash drive.
On the online issuing CA, paste the .CRL file into the certenroll directory. Is this all correct? When I browse to the certenroll directory on the issuing CA, I do not see the .CRL that is in the certenroll directory on the offline root. Should this be already in there?