Specifically... You have to find out what the IP or the URL of the server where your CRL is located.
This is determined by figuring out who issued your Cert that your CAS's have. Our Certs are issued from Geotrust. Then you put an exception in the default role to allow access to CRL On Thu, Mar 6, 2008 at 4:07 PM, Dale Harville <[EMAIL PROTECTED]> wrote: > How do you open up the filters? > > > > Dale Harville > Network Administrator > Galveston College > 4015 Ave Q. > Galveston, TX 77550 > 409-944-1356 > ------------------------------ > > *From:* Cisco Clean Access Users and Administrators [mailto: > [EMAIL PROTECTED] *On Behalf Of *Mike King > *Sent:* Thursday, March 06, 2008 1:21 PM > *To:* [email protected] > *Subject:* Re: revocation list > > > > Hi Shane. > > Yes, you have to open up the filters to allow clients to contact your CA > to get the CRL. > > But this is not a Cisco requirement. This is a Microsoft Internet > Explorer requirement. > > CCAA uses IE to perform the http part of the session. So if your IE is > configured to check for a CRL, then CCAA will need it. > > You can disable it in IE advanced options, and IE won't require it > anymore. But the better answer is to just allow access to it. > > > Mike >
