Solved

Need help in Issuing a certificate from and internal CA an import

Posted on 2011-03-10
11
843 Views
Last Modified: 2012-05-11
I am trying to import certificate but I am getting the below error.

'The certificate status cannot be determined because tyhe revocation check failed'

EE experts please help
0
Comment
Question by:-MAS
11 Comments
 
LVL 25

Author Comment

by:-MAS
ID: 35093902
I forget to mention my server is exchange2010 and issuing the certificate from windows2003 CA
0
 
LVL 9

Expert Comment

by:x3man
ID: 35093940
0
 
LVL 9

Accepted Solution

by:
x3man earned 167 total points
ID: 35093949
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 25

Author Comment

by:-MAS
ID: 35093951
This I tried but did not solve my problem.

0
 
LVL 11

Assisted Solution

by:Tasmant
Tasmant earned 167 total points
ID: 35094152
Could you disable the revocation check options into your browser (Internet Explorer/options/advanced)
for "server revocation check and edotor revocation check"?
It could be a workaround but not the solution.
Else i would suggest to open your certificate in order to read the CRL distribution point and check if any ot the paths are accessible:
should be LDAP and http by default
- http://myca.domain.com/crl/myca.crl
- ldap://myca.domain.com/CN=myca,CN=RootCA,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=domainr,DC=com?certificateRevocationList?base?objectClass=cRLDistributionPoint

If none of these paths are accessible then the check cannot be processed.
0
 
LVL 25

Author Comment

by:-MAS
ID: 35098889
many thanks  to your reply
I tried but it did not solve my problem


0
 
LVL 25

Author Comment

by:-MAS
ID: 35098937
many thanks  to your reply
I tried but it did not solve my problem


0
 
LVL 42

Assisted Solution

by:Amit
Amit earned 166 total points
ID: 35123063
0
 
LVL 25

Author Comment

by:-MAS
ID: 35127121
This is to configure proxy.
I do not have a proxy.

What shall I do if I do not have a proxy
0
 
LVL 26

Expert Comment

by:e_aravind
ID: 35128594
Normally on the internal CA one shouldn't have this issue.

> Do you have the correct child and root-certificate on the E2010 machines\computer store?
(mmc > Certificate > computer > local computer)

> when you try accessing the cert. from the c:\ (or any file explorer)
do you see any red-x mark?
is that cert. trusted by this E2010 server
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question