Your instructor will demonstrate how to modify the CDP and AIA locations for a certification authority

ILLEGAL FOR NON-TRAINER USE

Introduction

Procedure: Modifying the CDP location

To allow users who are not members of your organization to verify the validity of certificates, you must change the AIA and CDP locations to reflect a location that is accessible to external clients. Most often this location is somewhere on a screened subnet external to the company domain. To modify and publish AIA and CDP extensions, you use Certutil.exe and the Certification Authority Program UI.

To modify the CDP location for a certification authority, perform the following steps:

1. Log on as Administrator.

2. Open the Certification Authority MMC snap-in.

3. Right-click the name of the server, and then select Properties.

4. Click the Extensions tab.

5. From the Select Extension box, select CRL Distribution Point (CDP).

6. Remove the LDAP, FILE, and HTTP CDP entries by selecting the appropriate name and clicking Remove.

8. In the Add Location dialog box, type the name of the external Web server and the .crl file in the Location box.

10. Manually copy the .crl file from the CA to the new location on the external Web server.

Note In the default installation of Windows Server 2003, the .crl file is located in the C:\windows\system32\certsrv\certenroll\ directory.

Procedure: Modifying To modify the AIA location to an external Web server for a certification the AIA l°cati°n authority, perform the following steps:

1. Manually copy the .crt file from the CA to the new location on the external Web server.

2. Log on as a member of the Enterprise Admins group.

3. Open the Certification Authority MMC snap-in.

4. Right-click the name of the server, and then select Properties.

5. Click the Extensions tab.

6. Select Authority Information Access (AIA) from the Select Extension box.

7. Remove the LDAP, FILE, and HTTP CDP entries by selecting the appropriate name and clicking Remove.

9. In the Add Location dialog box, type the name of the external Web server and the .crt file in the Location box.

Note In the default installation of Windows Server 2003, the .crt file is located in the C:\windows\system32\certsrv\certenroll\ directory.

Was this article helpful?

0 0
Outsource Explosion

Outsource Explosion

There will come a day in your business (if it hasn't already arrived) when you realise that you only have two hands and 24 hours in a day. What I mean is you can't do everything that your business needs yourself. If you try to do everything yourself your business will at best grind to a halt, and at worst, GO UNDER. Take a look RIGHT NOW at the successful marketers around you - the millionaires, the gurus and the market leaders.

Get My Free Ebook


Responses

  • kaleb
    How to adjust ldap cdp location?
    7 years ago
  • FELIX
    How to delete aia location server 2008?
    7 years ago
  • Rita
    How to change aia location?
    7 years ago

Post a comment