We recently had an incident where The certificate database failed on two occasions on the certificate issuing server This effectively stopped the issuing of new CRLs. After 48 hours all CRLs had expired and no wireless or VPN users could log on to their respective systems. A reboot of the CA fixed the problem CRLs are stored in three locations: Active Directory, public website and certificate issuing server. I would have expected the Radius server to check the other 2 locations when the certificate issuing server failed. My Question. Can Microsoft RADIUS servers check multiple CRL locations or those it just check the first revocation path in the certificate and not the other paths that are provided. ?????

Hi, I think the detailed configuration may vary depending on different environment. Did you following any guide to setup your RADIUS server? Or let us know your configuration information for research. Another option is setting up a CA cluster. Please refer to the following article: Certification Authority Clustering Configuration and Troubleshooting Guide http://technet.microsoft.com/en-us/library/cc742517%28WS.10%29.aspx Thanks.This posting is provided "AS IS" with no warranties, and confers no rights. Please remember to click "Mark as Answer" on the post that helps you, and to click "Unmark as Answer" if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.