RevocationFreshnessTime Metabase Property
Applies To: Windows Server 2003, Windows Server 2003 with SP1
If the value of the CertCheckMode Metabase Property is set to MD_CERT_CHECK_REVOCATION_FRESHNESS_TIME, the client's CRL is replaced by the CRL on the CA, even if the CRL that is cached on the client is valid. The value of this metabase property, RevocationFreshnessTime, in seconds, determines the frequency of this action.
The freshness time for a CRL is the period of time for which it is valid. If you set this property to a very short period of time, IIS makes many requests for an updated CRL, which can cause network delays. Setting a longer period of time for the RevocationFreshnessTime metabase property is recommended.
| Attribute Name | Attribute Value |
|---|---|
XML Data Type |
DWORD |
WMI Data Type |
SINT32 |
ADSI Data Type |
DWORD |
ABO Data Type |
DWORD |
ABO Metabase Identifier |
MD_REVOCATION_FRESHNESS_TIME |
Attributes |
INHERIT |
Default Value |
0 |
MetaFlagsEx |
CACHE_PROPERTY_MODIFIED |
User Type |
IIS_MD_UT_SERVER |
ID |
2161 |
Configurable Locations
You can configure this property at the following locations in the IIS metabase.
| Metabase Path | IIS Admin Object Type |
|---|---|
/LM/W3SVC/n |
IIsWebServer |
/LM/W3SVC |
IIsWebService |
Code Example
For general code examples, see Code Examples to Configure Metabase Properties.
Related Information
- For more information about using SSL and certificates with IIS 6.0, see IIS 6.0 Encryption.
For more information about certificate revocation and CRLs, see Revoking Certificates and Publishing CRLs.