SCEP certificate revocation

Unanswered Question
Feb 26th, 2008

Hello All,

Could somebody explain to me how I can revoke a certificate with Microsoft SCEP, and where I can type the challenge password during the revocation? If I revoke my certificate as usual, the routers don't realize that the certificate has been revoked. I hardly see any documentation about it.

Thanks in advance


farkascsgy Wed, 02/27/2008 - 04:57


I was faced with the following fact:

If I revoke the certificate in my Win2003 CA and request the latest CRL on the router, nothing happens; IPSec between the routers is still up and can re-establish when I clear them.

Feb 27 12:51:18.477: CRYPTO_PKI: Trust-Point CER picked up

Feb 27 12:51:18.477: CRYPTO_PKI: unlocked trustpoint CER, refcount is 0

Feb 27 12:51:18.477: CRYPTO_PKI: locked trustpoint CER, refcount is 1

Feb 27 12:51:18.752: CRYPTO_PKI: Added x509 peer certificate - (1394) bytes

Feb 27 12:51:18.752: CRYPTO_PKI: Found public key in hash table. Bypassing certificate validation

Feb 27 12:51:18.764: CRYPTO_PKI: Selected AAA username: ''

If I delete the public key of the router whose certificate has been revoked, the router realizes that the certificate has been revoked.

This scenario is really strange to me. Can someone explain to me whether this is the way revocation works, or whether I missed something and am on the wrong track?

Thanks in advance
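
An added example, not part of the original posts: a Python parser for CRYPTO_PKI debug output like the lines quoted above, which reports each peer certificate the router received and whether it logged "Bypassing certificate validation" for it. The function name, the trustpoint LAB and the last three sample lines are constructed for illustration.

```python
import re

# Message shapes taken from the debug output quoted in the post above.
LINE = re.compile(r"^(?P<ts>\w{3}\s+\d+\s+[\d:.]+): CRYPTO_PKI: (?P<msg>.*)$")
TRUSTPOINT = re.compile(r"Trust-Point (\S+) picked up|locked trustpoint (\S+),")
PEER_CERT = re.compile(r"Added x509 peer certificate - \((\d+)\) bytes")
BYPASS = "Bypassing certificate validation"

# First six lines are quoted from the post; the last three (LAB) are constructed.
SAMPLE = """\
Feb 27 12:51:18.477: CRYPTO_PKI: Trust-Point CER picked up
Feb 27 12:51:18.477: CRYPTO_PKI: unlocked trustpoint CER, refcount is 0
Feb 27 12:51:18.477: CRYPTO_PKI: locked trustpoint CER, refcount is 1
Feb 27 12:51:18.752: CRYPTO_PKI: Added x509 peer certificate - (1394) bytes
Feb 27 12:51:18.752: CRYPTO_PKI: Found public key in hash table. Bypassing certificate validation
Feb 27 12:51:18.764: CRYPTO_PKI: Selected AAA username: ''
Feb 27 13:02:41.120: CRYPTO_PKI: Trust-Point LAB picked up
Feb 27 13:02:41.398: CRYPTO_PKI: Added x509 peer certificate - (1402) bytes
Feb 27 13:02:41.410: CRYPTO_PKI: Selected AAA username: ''
"""

def find_peer_cert_events(log_text):
    """Return one dict per peer certificate seen, noting whether the
    router logged that it skipped validation for that certificate."""
    events, trustpoint, current = [], None, None
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank lines and non-PKI output
        msg = m.group("msg")
        tp = TRUSTPOINT.search(msg)
        if tp:
            trustpoint = tp.group(1) or tp.group(2)
            current = None  # a new exchange starts; stop tagging the old one
            continue
        cert = PEER_CERT.search(msg)
        if cert:
            current = {"time": m.group("ts"), "trustpoint": trustpoint,
                       "cert_bytes": int(cert.group(1)), "bypassed": False}
            events.append(current)
        elif BYPASS in msg and current is not None:
            current["bypassed"] = True
    return events

if __name__ == "__main__":
    for e in find_peer_cert_events(SAMPLE):
        status = "VALIDATION BYPASSED" if e["bypassed"] else "no bypass logged"
        print(f'{e["time"]} trustpoint={e["trustpoint"]} {status}')
```
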


