I have servers in a "closed" network, ie no access to the World Wide Web (WWW). I have server errors within the CAPI2 log that I want to resolve. I know these errors are valid because it can't reach WWW to verify revocation server so thus the errors. How to I get this process to stop on the certificates?
Example of an error:
Event 11, CAPI2 (Build Chain)
CertGetCertificateChain
-Certificate
[fileRef] xxxxxxxxxxxxxxxxxxxxxxxxxx.cer
[subjectName] Microsoft Time-Stamp Service
-AddiditionalStore
-Certificate
[fileRef] xxxxxxxxxxxxxxxxxxxxxxxxxxxxx.cer
[subjectName] Microosft Windows Production PCA 2011
-Certificate
[fileRef] xxxxxxxxxxxxxxxxxxxxxxxxxxxx.cer
[subjectName] Microsoft Windows
-Certificate
[fileRef] xxxxxxxxxxxxxxxxxxxxxxxxxxxx.cert
[subjectName] Microsoft Time-Stamp Service
[Result]
The revocation function was unable to check revocation because the revocation server was offline
[value] 80092013
It is offline because it probably can't reach out on the WWW to verify revocation. How do I get windows to stop doing this on these certificates. I have other certificates that I need to verify revocation and these are working as expected.
Thank you!