How to fix the mismatch of CRL Link in CSR and IIS server certificate

Question

Hi Team,

We have a CSR generated for 1 of the servers but while user are accessing the server via RDP they get an error as the CRL check is failing.

Upon checking the issue we could find that the CRL URL link is missmatched in CSR certificate and IIS server.

Can we change the CRL URL link in CA admin console to resolve the issue or do we have any other way around.

Thank you

Answer 1

HI Dilip Patel, Vipul (Cognizant)

After Check the CRL Distribution Point download the CRL on the server. This link https://techcommunity.microsoft.com/t5/iis-support-blog/crl-checking-by-iis/ba-p/348170will be pointing to one of the CDP servers hosted by the CA. Verify CRL and define your CertCheckMode (above link detail). Restart IIS. If needed you can clear CRL cache https://stackoverflow.com/questions/75360269/how-to-disable-certificate-revocation-list-crl-caching-on-iis-10-0

# If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".