Windows PKI blog

News and information for public key infrastructure (PKI) and Active Directory Certificate Services (AD CS) professionals

Offline CA articles posted to the TechNet Wiki

Offline CA articles posted to the TechNet Wiki

  • Comments 1
  • Likes

Amer Kamal recently posted two articles regarding the security and maintenance of offline CAs based on frequently asked questions from customers. These articles posted as:

Security Best Practices for Offline CAs

and

Offline CA Maintenance Tasks

Since they are TechNet Wiki articles, you can not only review them, but also help to improve them.

Comments
  • I note in this article (technet.microsoft.com/.../cc782041(v=ws.10).aspx) there is a CRL Re-Sign mechanism for expired offline root CRL which is not available to be brought back online. Can you explain in more detail how to address expired offline crl publication without bringing the offline root CA back online?

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment