Hello,
I'm trying to set up a 2-tier PKI in my lab environment. I've set up my standalone (offline) root CA, and installed a enterprise subordinate Certificate Authority.
However, the service wont start on my enterprise CA, I get the following error:
The revocation function was unable to check revocation because the revocation server was offline. 0x80092013 (-2146885612).
I've published the CRL and AIA on a network share on the subordinate enterprise CA, and the locations are referred to in the certificate in the following manner:
CRL: file://\\cert.domain.com/CertEnroll$/ROOT-CA.crl
AIA: file://\\cert.domain.com/CertEnroll$/ROOT-CA_ROOT-CA.crt
cert.domain.com is a DNS-alias for the subordinate enterprise CA, and resolves. Accessing the files above through the Run-command is not an issue. At this point, I'm completely stuck and can't find anything on the internet that would bring me closer to a solution.
Any help is much appriciated.
Thanks.
