I have set up an NPS server to authenticate my WLAN clients using client authentication certificates. This is working great.
Now when I revoke a cert it still works! This is not great.
I have checked all my settings and I can't find why the NPS server is ignoring the CRL and still successfully authenticating clients with revoked certs.
Doing a "certutil -f -urlfetch -verify test.cer" on the NPS server, I get the following at the end:
"The certificate is revoked. 0x80092010 (-2146885616)
------------------------------------
Certificate is REVOKED
Leaf certificate is REVOKED (Reason=6)
CertUtil: -verify command completed successfully."
So the CRL is working ok. But the NPS is not checking it as part of the authentication process?!
I have checked out these keys as mentioned in this TechNet article: http://technet.microsoft.com/en-us/library/cc771995(v=ws.10).aspx
but none of these are set, so I am running with default settings and it should work, right?!
I don't know what's going wrong and am hoping someone will be able to point me in the right direction...