Understand the purpose of certificate revocation lists (CRLs). Learn how to create and edit publication points as local paths, HTTP or HTTPS locations, and UNCs.
- [Narrator] In this video, we will take a look…at the process of revoking a certificate…and letting everyone know…the certificate is no longer valid.…Let's say one of our star salespeople comes to the IT office…one morning with his laptop in hand, never a good sign,…he launches into a story that includes lending…his work laptop to his college student son…who shared it with a hacker friend…that proceeded to show the employee's son…how easy it is to enter a corporate network.…It's safe to say that that workstation…certificate is compromised.…
So the question is,…how do we make the list of what certificates…are no longer valid…and how do we get the word to our web portals…or other servers that would need to identify…and not allow that certificate to be used?…In a small network like the one we've created in our lab,…it would be quite easy to revoke a certificate…before it's expiration if we believe it to be compromised…or for whatever reason.…To do that, we simply browse to issued certificates.…
Right here, we'll see the computer certificate…
Note: The topics covered here map to the Configure Identity and Access Solutions domain for Microsoft Certified Solutions Associate (MCSA) Exam 70-412, Configuring Advanced Windows Server 2012 Services. Use these tutorials to study for the exam.
- Implementing Active Directory Federation Services (AD FS)
- Configuring AD FS authentication policies
- Configuring multifactor authentication
- Installing and configuring Active Directory Certificate Services (AD CS)
- Creating certificate templates
- Configuring certificate authority backup and recovery
- Managing certificates, including templates and renewal
- Installing and configuring Active Directory Rights Management Services (AD RMS)