To specify certificate revocation list distribution points in issued certificates
To | Do this |
---|---|
Add a new certificate revocation list (CRL) distribution point. | Click Add, and type in the name of the new CRL distribution point. |
Remove a CRL distribution point from the list. | Click the CRL distribution point, then click Remove. |
Indicate that you do not want to use a URL as a CRL distribution point. | Clear the URL's check box. |
Indicate that you want to use a URL as a CRL distribution point. | Select the URL's check box. |
Notes
Certificate revocation list URLs can be either HTTP, FTP, LDAP, or FILE addresses. You can use the following variables when specifying the address of the CRL distribution point.
Variable | Value |
---|---|
%1 | The DNS name of the certification authority server |
%2 | The NetBIOS name of the certification authority server |
%3 | The name of the certification authority |
%4 | The renewal extension of the certification authority |
%5 | The location of the domain root in Active Directory |
%6 | The location of the configuration container in Active Directory |
%7 | The "sanitized" name of the certification authority, truncated to 32 characters with a hash on the end |