Comments by Vadims Podāns:
06.04.2022: %7 variable in CDP/AIA extension truncates the CA name string to 51 character, not 32. Source: [MS-WCCE] §3.1.1.4.1.1.
To specify CA certificate access points in issued certificates
To | Do this |
---|---|
Add a URL that will be published as part of any certificate issued by a CA. | Click Add, then type a URL where users can obtain the CA's certificate. |
Remove an authority information URL from the list on issued certificates. | Click the URL and then click Remove. |
Indicate that that you do not want to use a URL as an authority information access point in certificates without removing it from the list. | Clear the URL's check box. |
Indicate that a URL can now be used as an authority information access point. | Select the URL's check box. |
Notes
Authority information access URLs can be either HTTP, FTP, LDAP, or FILE addresses. You can use the following variables when specifying the address of the authority information access point:
Variable | Value |
---|---|
%1 | The DNS name of the certification authority server |
%2 | The NetBIOS name of the certification authority server |
%3 | The name of the certification authority |
%4 | The renewal extension of the certification authority |
%5 | The location of the domain root in Active Directory |
%6 | The location of the configuration container in Active Directory |
%7 | The "sanitized" name of the certification authority, truncated to 32 characters with a hash on the end |