This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 23%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMD%3C/text%3E%3C/svg%3E)
I've setup Active Directory Certificate Services and set the CRL Publication Interval to daily and the Delta publication interval to 30 minutes. Then within the Online Responder setup, this is set to 15 minutes.
However, when I then check an exported certificate with certutil -f -urlfetch -verify the none of the times match with what is set.
I'm not sure if I've missed a setting or something which may be causing this.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 92%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYL%3C/text%3E%3C/svg%3E)
Hello
Thank you for posting in Q&A forum.
The first image shows when the CRL will be updated.
While this command shows which certificates are verifiable and valid, you should compare this certificate with the CRL.
Basic CRL checking with certutil - Microsoft Community Hub
Best regards
Yanhong
=====================================
If the answer is helpful, please click "Accept answer" and upvote it
