Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

certificates issues

Status
Not open for further replies.
McogEsteban

McogEsteban

Programmer
Oct 2, 2003
5
0
0
PT
hello, i don't know if this is the right place to post this but here it goes.

i'm trying to understand a few things how certificates work on Windows.

first:
Dows Windows cache CRL's to verify the certificates and does it verifies the whole chain?
Ex: CA1 -> CA2 -> EUC (end user certificate), does windows check CA1 CRL list, CA2 and EUC?

CRL - Certificate Revocation List.

two:
Dows Windoes refeshes the CRL automatically ou do i need to download the CRL, sure Windoes can download the CRL, but i don't know where to look to activate this options.

third:
How does Windows keep and where the information contained in the CRL, i made a test downloading a CRL (using Firefox and IE).

Firefox offered the chance to make windows update the list automatically, IE didn't ...but with IE i was able to save the file, soon the installation got over, i tryed to look the file in the filesystem and i couldn't find anything, so where does Windows keeps the information contained in the list.

can some one point me to some papers, docs whatever or tell how does this works.
thanks.
cu soon.
 
Sort by date Sort by votes
This might help some....


There are some CRL download tools that actually write CRL information to the registry, but are kind of hard to get a hold of, and can make the registry huge, depending on how many CRL's you need to manage. As far as some ways around having these CRL's on your machine, how about having an OCSP responder. This is a program that basically has a "database" outside of your servers that queries this database, and provides a yes or no answer as to the validity of the client certificate.
 
Upvote 0 Downvote

hi
very new to this. so pardon if i don't follow protocol for awhile. i am a fast learner.
does anyone have any info on i.t department duties?
would appreciate any help whatsoever.
we have been asked to come up with duties, responsibilties,
and set up policy for about a 150 employee company with 8 locations.
thanx



 
Upvote 0 Downvote
One hint on using these discussion groups, don't add to a subject if your question is not releated to the original question. I see you have posted this question here and as a new question. This just makes it hard for everyone.

Good Luck!

Dan
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Carlvic
  • Locked
  • Question
Webhosting Issues.
Replies
4
Views
78
Carlvic
Carlvic
xpblueScreenOfDeath
  • Locked
  • Question
X509 Certificates?
Replies
0
Views
26
xpblueScreenOfDeath
xpblueScreenOfDeath
RichieMac
  • Locked
  • Question
login screen issues
Replies
7
Views
33
RichieMac
RichieMac
RoknRole
  • Locked
  • Question
Remote access security issues
Replies
3
Views
34
dkediger
dkediger
ashishsmith
  • Locked
  • Question
FTP ISSUES
Replies
7
Views
62
ashishsmith
ashishsmith

Part and Inventory Search

Sponsor

Back
Top