There are tons of posts related to AIA locations not able to download, but I can't find one that matches my scenario. I have a CA with three certs #0 expired, #1 expiring in a few months, #2 expiring in year. This is a subCA. PKI-View is saying it' can't download an AIA http location for certificate #1. I have two different AIA http locations configured. The AIA #1 is pointing to the website for certificate #2 expiring in a year. AIA location #2 is pointing to a website for a different certificate for certificate #1 expiring in a few months
The one thing I notice is I have two AIA locations configured, but they're pointing to two different certificates. Does this need to point to the same certificate? I've done the obvious troubleshooting of opening the certs in IE from localhost and from other hosts to verify proxy isn't blocking and that the destination is working. Not sure what to check next, unless the fundamentals are incorrect here and those two AIA locations need to point to the same cert.