Hello!
All articles I ever read on CRL and CDP say a CDP can be hosted EITHERby 1) file share 2) http 3) ldap, for example:
http://blogs.technet.com/b/nexthop/archive/2012/12/17/creating-a-certificate-revocation-list-distribution-point-for-your-internal-certification-authority.aspx
"Reminders
A CDP only applies to certificates issued AFTER the CDP path is created and published. Certificates created before the path was published will look to the existing CDP path on that certificate.
CDP can be hosted by an LDAP path, HTTP path, file path or file share.Note that there is the local C:\Windows System32 path that was discussed earlier. This is the local store where the CA puts files for its own use – not other computers."
...and all those articles offer to add a file share CDP location AND http CDP location simultaneously when illustrating a CDP creation.
Q: Is it enough to have a SINGLE CDP location for a certificate revocation to work? The thing I'd like to know the most is it enough to have justa file share CDP location (\\server\crl), without adding the corresponding http path location (http://server/crl)???
Thank you in advance,
Michael