To manually publish the certificate revocation list

1. Log on to the system as an Administrator.
2. Open Certification Authority
3. In the console tree, click on Revoked Certificates.

   Where?

   • Certification Authority (computer)
   • CA name
   • Revoked Certificates
4. On the Action menu, point to All Tasks, and click Publish.
5. Click Yes to overwrite the previously published certificate revocation list (CRL)

 Note

• To open Certification Authority, click Start, point to Programs, point to Administrative Tools, and then click Certification Authority.
• Clients that have a cached copy of the previously published CRL will continue using it until its validity period has expired even though a new CRL has been published. Manually publishing a CRL does not affect cached copies of CRLs that are still valid; it only makes a new CRL available for systems that do not have a valid CRL.

  See Related Topics for the procedure clients can use to get the most recent CRL published by the certification authority (CA) even if they still have a valid CRL cached.

• On the server on which the CA is installed, the CRL is published in:

  Systemroot\system32\CertSrv\CertEnroll\

  If Active Directory is available, the CRL is also published to Active Directory.

Working with MMC console files

Revoking certificates and publishing CRLs

Certificate revocation

Revoke an issued certificate

Specify certificate revocation list distribution points in issued certificates

Schedule the publication of the certificate revocation list

View the certificate revocation list

Retrieve a certificate revocation list