DeltaCRL and OCSP expired and error after root crl update

Lee Todd 1 Reputation point
2022-01-27T09:15:03.39+00:00

Hi all

We have a PKI set up with an offline root CA and 2 issuing servers. Our root CRL was due to expire, so we followed the documentation we were given to update it. This was done yesterday and everything seemed OK.
This morning issuing server 1 had CDP location expiring (which I think is normal),
DeltaCRL location expired and OCSP location error.

Issuing server 2 seems to be OK. This is the first time I've had to do this, so I'm not sure how to fix it and don't want to just go poking it.

Thanks

Windows Server Management

1 answer

  1. Limitless Technology 39,386 Reputation points
    2022-02-01T09:40:18.777+00:00

    Hi there,

    This problem may be caused by your configuration. Please try to change the following CA settings:

    - Uncheck "Include in the AIA extension on issued certificates".
    - Check "Include in the online certificate status protocol (OCSP) extension".

    Then revoke the CA Exchange certificate and run "certutil -cainfo xchg > xchg.cer" to get a new CA Exchange certificate.

    Here is a thread as well that discusses the same issue; you can try out some troubleshooting steps from it and see if that helps you to sort out the issue.

    Online Responder Location Error
    https://social.technet.microsoft.com/Forums/windowsserver/en-US/10060ec2-d783-4ce9-b0f7-d6142dbb420a/online-responder-location-error?forum=winserverDS


    --If the reply is helpful, please Upvote and Accept it as an answer--

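The two checkboxes named in the answer are stored as flag bits in front of each URL in the CA's CACertPublicationURLs registry value (2 = include in the AIA extension, 32 = include in the OCSP extension). The following is an added example, not part of the original answer or any Microsoft tooling: it decodes those entries and points out an HTTP URL that sits in the AIA extension without pointing at a certificate file, which is the pattern the answer corrects. The function name, the host names and the file-extension heuristic are assumptions made for illustration.

```powershell
# Each CACertPublicationURLs entry has the form "<flags>:<url>".
# Flag bits: 1 = publish CA cert here, 2 = include in AIA extension,
#            32 = include in OCSP extension.
function Get-AiaUrlFinding {   # hypothetical helper name
    param([Parameter(Mandatory)][string[]]$Entries)

    foreach ($entry in $Entries) {
        # Split on the first colon only; the URL itself contains colons.
        $flagText, $url = $entry -split ':', 2
        $flags = [int]$flagText

        $inAia  = [bool]($flags -band 2)
        $inOcsp = [bool]($flags -band 32)

        # Heuristic (assumption): an http(s) URL in the AIA extension that
        # does not end in .crt/.cer is probably the OCSP responder URL with
        # the AIA checkbox ticked instead of the OCSP one.
        $suspect = $inAia -and -not $inOcsp -and
                   $url -match '^https?://' -and
                   $url -notmatch '\.(crt|cer)$'

        [pscustomobject]@{
            Url                    = $url
            Flags                  = $flags
            InAia                  = $inAia
            InOcsp                 = $inOcsp
            LikelyMisplacedOcspUrl = $suspect
        }
    }
}

# Constructed sample values. On an issuing CA, read the real ones with:
#   $cfg = 'HKLM:\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration'
#   $ca  = (Get-ItemProperty $cfg).Active
#   $entries = (Get-ItemProperty "$cfg\$ca").CACertPublicationURLs
$entries = @(
    '1:C:\Windows\system32\CertSrv\CertEnroll\%1_%3%4.crt'
    '2:http://pki.example.test/CertEnroll/%1_%3%4.crt'
    '2:http://ocsp.example.test/ocsp'
)

Get-AiaUrlFinding -Entries $entries | Format-Table -AutoSize
```

With the sample values only the third entry is reported as a likely misplaced OCSP URL; comparing the output from both issuing servers shows whether their AIA/OCSP settings differ.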