I have one user who always have the CRL downloads automatically into his NetScreen-Remote client which make his current certificate (should not be renew until end of the year) become invalid.
In order to resolve it, the user have to delete the CRL manually from CRLs tab under the Juniper Certificate Manager everytime when he disconnect from company network and connect to his ISP at home. Please see attached example screen shot of Certificate Manager.
I would like to know what settings will trigger the CRL downloading? Or some other settings on XP windows will causes the download? Kindly be advised that none of our VPN users have this problem but him.
For your information,
We have our own CA and using for certificate base authenticaion which link to our AD.
Our NetScreen-remote version is 10.8.3 (Build 6) and runs on XP.
If you have the similar problem and able to resolve, I would appreciate if you could share with me.