Microsoft KB Archive/246563

From BetaArchive Wiki

How to Publish Certificate Revocation Lists to a File Transfer Protocol Location


The information in this article applies to:

  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Datacenter Server
  • Microsoft Windows 2000 Server


This article describes how to publish Certificate Revocation Lists (CRLs) to a File Transfer Protocol (FTP) location.


To publish CRLs to an FTP location, you must perform the following steps.

Step 1: Add the FTP Uniform Resource Locator (URL) to the List of URLs

To add the FTP Uniform Resource Locator (URL) to the list of URLs included in the CRL Distribution Point (CDP) extension, use the following steps:

  1. Start the Certification Authority Administration tool.
  2. Right-click the CA service name, and then click Properties.
  3. On the Policy Module tab, and then click Configure.
  4. On the X.509 Extensions tab, click Add.
  5. Type the URL, and then click OK.

Step 2: Changing the Registry Setting

To change the registry setting to enable the CA service to include FTP URLs in the certificates it issues, use the following steps:

NOTE: You only need to perform these steps once for each CA service.

  1. From the command line on the CA service, type the following command:
  2. Stop then restart the CA service.

All certificates issued by the CA service now contain the FTP URL.

Additional query words:

Keywords : kbenv
Issue type : kbhowto
Technology : kbwin2000AdvServ kbwin2000AdvServSearch kbwin2000DataServ kbwin2000DataServSearch kbwin2000Serv kbwin2000ServSearch kbwin2000Search kbWinAdvServSearch kbWinDataServSearch

Last Reviewed: January 1, 2000
© 2001 Microsoft Corporation. All rights reserved. Terms of Use.