Answer the question
In order to leave comments, you need to log in
D
D
Dmitry Shumov2021-02-01 17:04:45
Dmitry Shumov, 2021-02-01 17:04:45
Certificate revocation list (CRL) on SYSVOL - real?
Colleagues, tell me please, is it possible to place a Certificate revocation list (CRL) on SYSVOL in a domain? Or the only way out is to create a Certificate Revocation List Distribution Point?
Those. is it possible to specify the path \\domen.local\SYSVOL\domen.local in the CA settings
2 answer(s)
@dshumov
@CityCat4
A
Alexey Dmitriev, 2021-02-01 @dshumov
1. You see that you have published it according to 3 protocols.
Putting a CRL in SYSVOL will only close one of them. In my opinion, there will be no contradictions to put it there - SYSVOL is the same file ball with replication to all DCs via FRS \ DFSR.
2. CRL fault tolerance is not needed - the infrastructure can work without it for some time.
So he needs monitoring and backups for quick recovery.
C
CityCat4, 2021-02-02 @CityCat4
If you plan to use certificates on phones / tablets / laptops outside the corporate network, it is better to create a CDP and maintain an up-to-date CRL there. Some programs start to drive without it, for some, encryption falls off or scary red icons start to draw.
Similar questions
Z
S
O
A
Andrey2020-08-16 19:39:17
Error in SSL Encrypt certificate generation in VestaCP, how to fix it?
1Reply
L
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question