04-24-2009 08:03 AM
Hello,
I'm implementing a VPN solution with CA certificate using Smart Cards.
I would know If someone has lost his card, How can I bloc it?
thanks
04-24-2009 09:01 AM
You would tipically implement CRL checking and make sure that when that happens you revoke the certificate on the lost card.
04-27-2009 04:52 AM
Hello,
I implemented CRL cheking but It doesn't work, bellow the configuration that I made.
_______________________________________________________________
crypto ca trustpoint server
revocation-check crl none
enrollment terminal
fqdn test.test.com
subject-name CN=test.test.com,OU=TSWEB, O=Cisco Systems,C=us,St=new ,L=new
keypair my.ca.key
crl configure
policy both
url 1 http://192.168.10.191/certsrv/certcrl.crl
cache-time 1
no enforcenextupdate
no protocol ldap
no protocol scep
_______________________________________________________________
Have you an example of How to do that with a Microsoft CA Server.
Thanks for your help
04-27-2009 04:59 AM
04-27-2009 07:14 AM
Check your CRL url and see if the server is indeed listening on this port and path, as well your CRL setup is set to none, you need to at least define CRL optional before you need to check that the URL is valid.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide