First published on TECHNET on Feb 24, 2008
It came to our attention that the Best Practices for Implementing a Microsoft Windows Server 2003 Public Key Infrastructure whitepaper provides wrong guidance in section Import the Root CA Certificate and CRL into an Intermediate CA from a Batch File . The current documentation recommends that the CRL published by the Root CA is to be added to the Root certificate store.
There are two corrections needed for the commands in step #4 in the Import the Root CA Certificate and CRL into an Intermediate CA from a Batch File section:
The correct commands would look like the following:
for %C in ( FloppyDrive :\*.crt) do certutil –addstore Root %C
for %C in ( FloppyDrive :\*.crl) do certutil –addstore CA %C
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.