HI,
We had one Root CA and its no more avilable due to storage format. RootCA has one subordinate CA server and that server is fine.
When veirfy CDP container via PKIVIEW.msc I can see that CRL of Subordinate CA is valid and Root CA is expired an year ago ( with this I assume its offline root standalone CA).
When I verify CRL of Subordinate CA server it something like below
URL=ldap:///CN=netca1(2),CN=netCA1,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=contosso,DC=com?certificateRevocationList?base?objectClass=cRLDistributionPoint
URL=http://netra1/CertEnroll/netca1(2)DeltaCRLAllowed%3E.crl
When I validate URL path the CRL is expired.
Certificate of subordinate ca still shows valid.. How do I find valid CRL for crashed root CA?
(please excuse Typos)
Mahi