Connect with experts and redefine what’s possible at work – join us at the Microsoft 365 Community Conference May 6-8. Learn more >
Most RecentMost ViewedMost LikesBasic CRL checking with certutil First published on TECHNET on Nov 30, 2006 I want to start this blog with a very basic topic: CRL checking. How to create a web server SSL certificate manually First published on TECHNET on Aug 05, 2009 The Internet Information Server (IIS) and Microsoft Internet Security and Acceleration (ISA) provide wizards in the administration user interface to request and install SSL certificates. Manually publishing a CA certificate or CRL into a LDAP store First published on TECHNET on Apr 13, 2007 The CA is automatically publishing its own certificates and related CRLs into Active Directory if a LDAP reference is configured in the CA property “Extensions”. How to refresh the CRL cache on Windows Vista First published on TECHNET on Sep 13, 2007 By default, Windows is caching Certificate Revocation Lists (CRL) and CA certificates to quickly verify certificate chains. Disposition values for certutil –view –restrict (and some creative samples) First published on TECHNET on Oct 03, 2008 A while ago I explained how to determine all certificates that will expire within a given period. Understanding Key Archival First published on TECHNET on Aug 07, 2009 It came to my attention that there is little understanding regarding the relationship between archived private keys and Key Recovery Agent (KRA) certificates. How EffectiveDate (thisupdate), NextUpdate and NextCRLPublish are calculated First published on TECHNET on Jun 04, 2008 The validity time of a certificate revocation list (CRL) is critical for every public key infrastructure. Creating offline certificate requests through the user-interface on Windows Vista or Windows Server 2008 First published on TECHNET on Oct 04, 2008 Windows Vista and Windows Server 2008 have a convenient user interface to create custom certificate requests. Defining the friendly name certificate property First published on TECHNET on Dec 12, 2008 The friendly name of a certificate can be helpful if multiple certificates with a similar subject exist in a certificate store. Marking private keys as non-exportable with certutil -importpfx First published on TECHNET on Jul 29, 2007 When importing a PFX-file with the certificate import wizard, you can choose if the private key should be exportable or not.
