%3CLINGO-SUB%20id%3D%22lingo-sub-1128368%22%20slang%3D%22en-US%22%3EA%20file%20distribution%20point%20must%20follow%20the%20UNC%20syntax%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1128368%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSTRONG%3E%20First%20published%20on%20TECHNET%20on%20Dec%2004%2C%202006%20%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%20class%3D%22MsoNormal%22%20style%3D%22margin%3A%200cm%200cm%2010pt%3B%22%3E%3CSPAN%20style%3D%22font-size%3A%2010pt%3B%20color%3A%20%2331849b%3B%20line-height%3A%20115%25%3B%20font-family%3A%20'Lucida%20Sans%20Unicode'%2C'sans-serif'%3B%20mso-themecolor%3A%20accent5%3B%20mso-themeshade%3A%20191%3B%22%3E%20Several%20whitepapers%20explain%20the%20three%20valid%20protocols%20(HTTP%2C%20LDAP%20or%26nbsp%3BFILE)%20to%20retrieve%20a%20Certificate%20Revocation%20List%20(CRL)%20or%20the%20Authority%20Information%20Access%20(AIA).%20However%2C%20none%20of%20these%20whitepapers%20is%20specific%20about%20the%20syntax%20for%20the%20file%20protocol%20(file%3A%2F%2F).%20%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22MsoNormal%22%20style%3D%22margin%3A%200cm%200cm%2010pt%3B%22%3E%3CSPAN%20style%3D%22font-size%3A%2010pt%3B%20color%3A%20%2331849b%3B%20line-height%3A%20115%25%3B%20font-family%3A%20'Lucida%20Sans%20Unicode'%2C'sans-serif'%3B%20mso-themecolor%3A%20accent5%3B%20mso-themeshade%3A%20191%3B%22%3E%20The%20simple%20answer%20is%20that%20a%20CRL%20or%20AIA%20file%20reference%20must%20follow%20the%20UNC%20syntax%2C%20for%20example%3A%20%3CSPAN%20style%3D%22color%3A%20%2331849b%3B%20mso-themecolor%3A%20accent5%3B%20mso-themeshade%3A%20191%3B%22%3E%20%5C%5Cmyserver%5Cmyshare%5Cmycrl.crl%3C%2FSPAN%3E%20%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22MsoNormal%22%20style%3D%22margin%3A%200cm%200cm%2010pt%3B%22%3E%3CSPAN%20style%3D%22font-size%3A%2010pt%3B%20color%3A%20%2331849b%3B%20line-height%3A%20115%25%3B%20font-family%3A%20'Lucida%20Sans%20Unicode'%2C'sans-serif'%3B%20mso-themecolor%3A%20accent5%3B%20mso-themeshade%3A%20191%3B%22%3E%20Certificates%20containing%20an%20absolute%20path%20like%20C%3A%5Cmyfolder%5Cmycrl.crl%20will%20result%20in%20an%20error%20message%20when%20the%20system%20is%20verifying%20the%20validity%20of%20a%20certificate.%20%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22MsoNormal%22%20style%3D%22margin%3A%200cm%200cm%2010pt%3B%22%3E%3CSPAN%20style%3D%22font-size%3A%2010pt%3B%20color%3A%20%2331849b%3B%20line-height%3A%20115%25%3B%20font-family%3A%20'Lucida%20Sans%20Unicode'%2C'sans-serif'%3B%20mso-themecolor%3A%20accent5%3B%20mso-themeshade%3A%20191%3B%22%3E%20Carsten%20%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-1128368%22%20slang%3D%22en-US%22%3E%3CP%3EFirst%20published%20on%20TECHNET%20on%20Dec%2004%2C%202006%20Several%20whitepapers%20explain%20the%20three%20valid%20protocols%20(HTTP%2C%20LDAP%20or%26nbsp%3BFILE)%20to%20retrieve%20a%20Certificate%20Revocation%20List%20(CRL)%20or%20the%20Authority%20Information%20Access%20(AIA).%3C%2FP%3E%3C%2FLINGO-TEASER%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1128368%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ECarstenKinder%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Microsoft

First published on TECHNET on Dec 04, 2006

Several whitepapers explain the three valid protocols (HTTP, LDAP or FILE) to retrieve a Certificate Revocation List (CRL) or the Authority Information Access (AIA). However, none of these whitepapers is specific about the syntax for the file protocol (file://).

 

 

 

The simple answer is that a CRL or AIA file reference must follow the UNC syntax, for example: \\myserver\myshare\mycrl.crl

 

 

 

Certificates containing an absolute path like C:\myfolder\mycrl.crl will result in an error message when the system is verifying the validity of a certificate.

 

 

 

Carsten