Hello,
I have a Enterprise Sub-CA running on Server 2012R2. The root is an offline CA. I have a history of 6 CA certificates (0-5) of which 4 & 5 are revoked. There are still many valid certificates issued by certificate no. 3 in the field. The problem is, that the CA is not issuing revocation lists for certificate no. 3 anymore and therefore I'm getting certificate errors. The CA is issuing revocation lists for ca certificates no. 0,2 and 5 though. I don't mind no. 1 as there were no certificates issued by this certificate, but I have to have revocation lists for CA certificate no. 3. The revocation lists are not issued automatically or if triggered by hand.
Any idea?
Thanx
__Leo