Hi,
Busy configuring an offline Root CA, with an online AD integrated Subordinate CA to follow.
On the root CA, we have left the LDAP and HTTP locations for both CDP and AIA (pointing to AD and HTTP location on the online Subordinate CA).
Should we also enable the following settings on the AIA & CDP extensions on the root CA for LDAP and HTTP:
- include in the CDP extension of issued certificates
- include in the AIA extension of issued certificates
Thank you,
SK