[Piv-test-cards] Help on a problem: Revocation status of the domain
Mark Hankel
I am trying to get the test cards up in my test environment. I am getting the following error message from the domain client computer after attempting to login via the test cards.
"The revocation status of the domain controller certificate used for smart card authentication could not be determined. Additional information may be available in the system event log. Please contact your administrator"
My setup is the following: 2012 r2 Server
Domain: example.com with UPNs to match the cards upn.example.com and upn.example.net
Domain Client Laptop: windows 10
Enclosed are some certutil files I have captured.
On the server, I have installed the Self-Signed Root CA, and the Intermediate Root CA files are stored appropriately.
The same files are installed on the domain client laptop. The laptop also has the testcard certificates installed
Note that he Server has internet access, and the laptop is on the private example.com network. Users can login with appropriate permissions without using the test cards.
Thank you
Mark Hankel
Systems Engineer, Federal
mhankel at extremenetworks.com<mailto:mhankel at extremenetworks.com>
Mobile 508-423-9827
Office 603-952-6365
________________________________
DISCLAIMER:
This e-mail and any attachments to it may contain confidential and proprietary material and is solely for the use of the intended recipient. Any review, use, disclosure, distribution or copying of this transmittal is prohibited except by or on behalf of the intended recipient. If you have received this transmittal in error, please notify the sender and destroy this e-mail and any attachments and all copies, whether electronic or printed.