Feb 27 2018 02:30 AM
Feb 27 2018 02:30 AM
Hi Community!
I'm currently facing an issue with a webapplication and ssl-certificates.
The Scenario is that we have a web-Application for the Intranet hosted by an IIS. Due to security reasons the server has no internet connection and cannot validate the SSL certificate.
I tried nearly everything to disable the CRL and OCP, but I constantly get errors in the event log stating that the ssl-valdiation failed. I looked a lot in the capi2 log but I can't find out why the CRL / OCP is still active.
My question is: How do you handle SSL-Certificates on a server that is not internet-connected? Are there any best practices or good blog articles? I couldn't find any articles for my specific Problem.
The only solution I have left is to configure the proxy-server for the app-pool account as this account seems to be validating the cert. Would you consider this a good practice?
Feb 27 2018 03:48 AM
SolutionHave you seen this article? https://blogs.msdn.microsoft.com/johan/2010/02/02/using-ssl-without-an-internet-connection/
Looks like it should fix your issue.
Feb 27 2018 11:42 PM
Hi Richard,
thank you very much for this link - I'll try this and report if it worked.
Usually I'm good at googling don't know why I didn't find this solution.
Feb 28 2018 02:29 AM
Thanks for the update. Fingers are crossed!
Mar 05 2018 09:19 AM
Hmm, well the button is misleading; should read Best Response suggested by ........
Feb 27 2018 03:48 AM
SolutionHave you seen this article? https://blogs.msdn.microsoft.com/johan/2010/02/02/using-ssl-without-an-internet-connection/
Looks like it should fix your issue.