Hello!
I'm trying to set up vm replication using certificates: I can successfully publish CRLs to the file share but Hyper-V says it can't validate the certificate:
The certificate I'm using on the host PC is correct:
c:\certutil -store my
my "Personal"
================ Certificate 0 ================
Serial Number: 7c00000007a6359faad4cd0fd1000000000007
Issuer: CN=Test2-DC2-CA, DC=Test2, DC=Local
NotBefore: 1/30/2014 1:58 PM
NotAfter: 1/30/2016 1:58 PM
Subject: E=mailadmin@test2.local, CN=Host3, OU=IT, O=Test2, L=Kolomna, S=Moscow, C=RU
Non-root Certificate
Template: 1.3.6.1.4.1.311.21.8.6636117.6422132.15484563.1961881.9683788.41.2246657.9000939
Cert Hash(sha1): f6 3c 61 61 8c c9 e5 37 fb 2d c4 1e 0d be b1 fb 8a 48 68 83
Key Container = le-de68c198-1498-4369-8c0e-3a89eaac5d79
Unique container name: 99bc11b017f056eb2867ed9667aa077c_8aa115e2-780f-4c9c-929b-478dfe399580
Provider = Microsoft RSA SChannel Cryptographic Provider
Encryption test passed
CertUtil: -store command completed successfully.
I'd like to crarify the following: do the words "revocation server was offline" mean that Host3 can't access the file share with CRLs (\\host1\crl) or the CA server itself (dc2.test2.local)? As far as I understand the revocation means accessing CRLs at any place specified in the certificate, NOT on the CA itself...
Thank you in advance,
Michael