S
Shankar.Paulraj
Hi experts, the Network Policy and Access Services logs event 6273.
Reason Code: 259
Reason: The revocation function was unable to check revocation because the revocation server was offline.
Setup:
Windows 2016 Server 1: Root CA - running ADDS, ADCS and Network Policy and Access Services
Windows 2016 Server 2: Sub-CA - non domain joined machine running ADDS, ADCS (Network Device Enrollment Service)
The Sub-CA is meant for distributing certs to devices via SCEP. The SCEP functions correctly, however when the device (client) use their Cert for authentication against the Server 1, the auth fails.
Would like to check if the above setup can function? or is it mandatory to domain join the Sub-CA?
With regards to CRL, was able to access as below.
Continue reading...
Reason Code: 259
Reason: The revocation function was unable to check revocation because the revocation server was offline.
Setup:
Windows 2016 Server 1: Root CA - running ADDS, ADCS and Network Policy and Access Services
Windows 2016 Server 2: Sub-CA - non domain joined machine running ADDS, ADCS (Network Device Enrollment Service)
The Sub-CA is meant for distributing certs to devices via SCEP. The SCEP functions correctly, however when the device (client) use their Cert for authentication against the Server 1, the auth fails.
Would like to check if the above setup can function? or is it mandatory to domain join the Sub-CA?
With regards to CRL, was able to access as below.
Continue reading...