Forum Discussion
Deleted
Feb 27, 2018Verification of SSL-Certificate without internet connection
Hi Community!
I'm currently facing an issue with a webapplication and ssl-certificates.
The Scenario is that we have a web-Application for the Intranet hosted by an IIS. Due to security reasons the server has no internet connection and cannot validate the SSL certificate.
I tried nearly everything to disable the CRL and OCP, but I constantly get errors in the event log stating that the ssl-valdiation failed. I looked a lot in the capi2 log but I can't find out why the CRL / OCP is still active.
My question is: How do you handle SSL-Certificates on a server that is not internet-connected? Are there any best practices or good blog articles? I couldn't find any articles for my specific Problem.
The only solution I have left is to configure the proxy-server for the app-pool account as this account seems to be validating the cert. Would you consider this a good practice?
Have you seen this article? https://blogs.msdn.microsoft.com/johan/2010/02/02/using-ssl-without-an-internet-connection/
Looks like it should fix your issue.
Have you seen this article? https://blogs.msdn.microsoft.com/johan/2010/02/02/using-ssl-without-an-internet-connection/
Looks like it should fix your issue.
Hmm, well the button is misleading; should read Best Response suggested by ........
- Deleted
Hi Richard,
thank you very much for this link - I'll try this and report if it worked.
Usually I'm good at googling don't know why I didn't find this solution.
Thanks for the update. Fingers are crossed!