Share via

How to fix the mismatch of CRL Link in CSR and IIS server certificate

Dilip Patel, Vipul (Cognizant) 0 Reputation points
2024-05-17T14:43:22.27+00:00

Hi Team,

We have a CSR generated for 1 of the servers but while user are accessing the server via RDP they get an error as the CRL check is failing.

Upon checking the issue we could find that the CRL URL link is missmatched in CSR certificate and IIS server.

Can we change the CRL URL link in CA admin console to resolve the issue or do we have any other way around.

Thank you

Exchange Online
Exchange Online
A Microsoft email and calendaring hosted service.
6,178 questions
Microsoft 365 and Office | Office Online Server
Windows for business | Windows Client for IT Pros | User experience | Remote desktop services and terminal services
Windows for business | Windows Client for IT Pros | Devices and deployment | System management components
Community Center | Not monitored
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Miguel Gonçalves 971 Reputation points
    2024-06-14T22:11:02.12+00:00

    HI Dilip Patel, Vipul (Cognizant)

    After Check the CRL Distribution Point download the CRL on the server. This link https://techcommunity.microsoft.com/t5/iis-support-blog/crl-checking-by-iis/ba-p/348170will be pointing to one of the CDP servers hosted by the CA. Verify CRL and define your CertCheckMode (above link detail). Restart IIS. If needed you can clear CRL cache https://stackoverflow.com/questions/75360269/how-to-disable-certificate-revocation-list-crl-caching-on-iis-10-0

    # If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.