To manually publish the certificate revocation list
- Log on to the system as an Administrator.
- Open Certification Authority.
- In the console tree, click on Revoked Certificates.
- Certification Authority (computer)
- CA name
- Revoked Certificates
- On the Action menu, point to All Tasks, and click Publish.
- Click Yes to overwrite the previously published certificate revocation list (CRL).
Notes
- To open Certification Authority, click Start, point to Programs, point to Administrative Tools, and then click Certification Authority.
- Clients that have a cached copy of the previously published CRL will continue using it until its validity period has expired even though a new CRL has been published. Manually publishing a CRL does not affect cached copies of CRLs that are still valid; it only makes a new CRL available for systems that do not have a valid CRL.
See Related Topics for the procedure clients can use to get the most recent CRL published by the certification authority (CA) even if they still have a valid CRL cached.
- On the server on which the CA is installed, the CRL is published in:
Systemroot\system32\CertSrv\CertEnroll\
If Active Directory is available, the CRL is also published to Active Directory.