I have a two tiered CA structure on my domain. I have an offline Enterprise CA and a Subordinate CA ... Everything works fine, however, I have numerous revocation failures on my subca because my Enterprise CA is offline. I'd like to get rid of these failures. Can I just add the CRL from the enterprise CA to my subordinate and make it a distribution point so these failures will start to disappear ? The only CRL Distribution Points I see are pointing to my Enterprise CA which will remain offline unless needed.