A validated LDAP URL for a base CRL appears like this: By using the command certutil -verify -urlfetch CertificateFileName, you can verify the ability to retrieve CA certificates and CRLs for the entire certificate chain of the CertificateFileName file.įor example, if you were to verify the certificate brian.cer by typing certutil -verify -urlfetch brian.cer, the output would fetch each CDP and AIA URL in the certificate and report on the status of the URL. One of the abilities of certutil.exe is to verify certificate chaining and CRL retrieval. Certutil.exe, a utility in the Windows Server 2003 Administration Pack (admin-pak.msi), allows a PKI administrator to manage a PKI from the command line.
0 Comments
Leave a Reply. |