Historical Content Alert
This is a historical content for Windows 2000 product and is presented for informative purposes only. All content on this page is copyrighted and owned by Microsoft.To specify certificate revocation list distribution points in issued certificates
- Log on to the system as an Administrator.
- Open Certification Authority.
- In the console tree, click the certification authority.
- Certification Authority (where)
- CA name
- On the Action menu click Properties.
- On the Policy Module tab, click Configure.
- On the X.509 Extensions tab, under CRL Distribution Points, specify the distribution points.
To Do this Add a new certificate revocation list (CRL) distribution point. Click Add, and type in the name of the new CRL distribution point. Remove a CRL distribution point from the list. Click the CRL distribution point, then click Remove. Indicate that you do not want to use a URL as a CRL distribution point. Clear the URL's check box. Indicate that you want to use a URL as a CRL distribution point. Select the URL's check box. - Stop and restart the Certificate Services service.
Notes
- To open Certification Authority, click Start, point to Programs, point to Administrative Tools, and then click Certification Authority.
-
Certificate revocation list URLs can be either HTTP, FTP, LDAP, or FILE addresses. You can use the following variables when specifying the address of the CRL distribution point.
Variable Value %1 The DNS name of the certification authority server %2 The NetBIOS name of the certification authority server %3 The name of the certification authority %4 The renewal extension of the certification authority %5 The location of the domain root in Active Directory %6 The location of the configuration container in Active Directory %7 The "sanitized" name of the certification authority, truncated to 32 characters with a hash on the end - To stop and restart the Certificate Services service, see Related Topics.