Solved

Need help in Issuing a certificate from and internal CA an import

Posted on 2011-03-10
11
839 Views
Last Modified: 2012-05-11
I am trying to import certificate but I am getting the below error.

'The certificate status cannot be determined because tyhe revocation check failed'

EE experts please help
0
Comment
Question by:-MAS
11 Comments
 
LVL 24

Author Comment

by:-MAS
Comment Utility
I forget to mention my server is exchange2010 and issuing the certificate from windows2003 CA
0
 
LVL 9

Expert Comment

by:x3man
Comment Utility
0
 
LVL 9

Accepted Solution

by:
x3man earned 167 total points
Comment Utility
0
 
LVL 24

Author Comment

by:-MAS
Comment Utility
This I tried but did not solve my problem.

0
 
LVL 11

Assisted Solution

by:Tasmant
Tasmant earned 167 total points
Comment Utility
Could you disable the revocation check options into your browser (Internet Explorer/options/advanced)
for "server revocation check and edotor revocation check"?
It could be a workaround but not the solution.
Else i would suggest to open your certificate in order to read the CRL distribution point and check if any ot the paths are accessible:
should be LDAP and http by default
- http://myca.domain.com/crl/myca.crl
- ldap://myca.domain.com/CN=myca,CN=RootCA,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=domainr,DC=com?certificateRevocationList?base?objectClass=cRLDistributionPoint

If none of these paths are accessible then the check cannot be processed.
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 24

Author Comment

by:-MAS
Comment Utility
many thanks  to your reply
I tried but it did not solve my problem


0
 
LVL 24

Author Comment

by:-MAS
Comment Utility
many thanks  to your reply
I tried but it did not solve my problem


0
 
LVL 41

Assisted Solution

by:Amit
Amit earned 166 total points
Comment Utility
0
 
LVL 24

Author Comment

by:-MAS
Comment Utility
This is to configure proxy.
I do not have a proxy.

What shall I do if I do not have a proxy
0
 
LVL 26

Expert Comment

by:e_aravind
Comment Utility
Normally on the internal CA one shouldn't have this issue.

> Do you have the correct child and root-certificate on the E2010 machines\computer store?
(mmc > Certificate > computer > local computer)

> when you try accessing the cert. from the c:\ (or any file explorer)
do you see any red-x mark?
is that cert. trusted by this E2010 server
0

Featured Post

Are your corporate email signatures appalling?

Is it scary how unprofessional your email signatures look? Do users create their own terrible designs and give themselves stupid job titles? You can make this a lot easier for yourself by choosing an email signature management solution from Exclaimer today.

Join & Write a Comment

Suggested Solutions

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
how to add IIS SMTP to handle application/Scanner relays into office 365.

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now