I have a typical intranet/DMZ/Internet network design and my PKI reflects it: Std. Alone RootCA (offline)intranet | Ent. Sub. CA (AD integrated; CDP) intranet | (FW) -only outbound-traffic to DMZ and Internet | DMZ w/ CDP |(FW) -withrule to CDP |InternetMy problem isthe (.crt) fromthe Enterprise SubordinateCA is failing the revocation checkwhen running certutil -verify <path to .crt>. This occurs no matter if the command is being run fromthe intranet, DMZ or Internet. However, when I run certutil -URL <path to .crL>, all certs' are verified. I realize they are checking two different things. There is full access to all CDP's from intranet, DMZ and Internet.I'm a PKI newbie...so sorry for the novice-like question.Any ideas?Thanks

RESOLVEDI was forgetting toimport the (.crt) to the Trusted Root Certificate Authorities store...(Homer Simpson!!)