Hi, I've created two new issuing Enterprise CA's and immediately afterward changed my HTTP CDP and AIA location to match that of the root CA seeing that the location is accessible enterprise wide. I left the default ldap location as-is. In PKIview one CA seems fine but another is showing the default (http://<servername>/certenroll/<CA.crt>) for CDP and AIA. If I look into the configuration of the Enterprise CA server the correct CDP and AIA locations are set. I've restarted certsvc and re-issued CRL (certutil -CRL) on the faulty server which should publish this to AD. I thought that would have fixed the issue but it didn't. What do I need to do? I'm scared to issue certs from this as they may show incorrect CDP and AIA locations in them. Do I need to run certutil -f -dspublish <CrlFileName.crl> I thought this would have been done for me by recreating the CRL as the option is ticked to 'publish CRLs to this location' for ldap. Thanks

If the settings are correct on you CA and your CA has been restarted after the final config change, then just revoke the CA Exchange certificate issued by that CA and restart PKIView /Hasain

If the settings are correct on your CA and the CA has been restarted after the final config change, then just revoke the CA Exchange certificate issued by that CA and restart PKIView /Hasain

Thanks, that worked.