Wonder if someone can help. I've created a PKI infrastructure with an offline Root CA and an Enterprise Subordinate CA. I notice from the Subordinate CA Certificate that it has a typo in the ldap URLs for both the CRL and AIA locations of the Root CA Certificate.
Consequently the PKIview.msc tool shows that the Subordinate CA is unable to download the CRL details for the Root CA.
The Subordinate CA has subsequently automatically issued certificates to my W2K3 domain controllers so I'm not sure how to go about recitifying this. I presume that I will have to revoke the DC certificates and subsequently the Subordinate CA certificate but need some guidance on the correct course of action as I'm completely new to the world of PKI and am stuck wit this now!