Enabling Certificate Revocation Checking in Internet Information Server 4.0 (232165)
The information in this article applies to:
- Microsoft Internet Information Server 4.0
This article was previously published under Q232165 We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site: IMPORTANT: This article contains information about modifying the registry. Before you
modify the registry, make sure to back it up and make sure that you understand how to restore
the registry if a problem occurs. For information about how to back up, restore, and edit the
registry, click the following article number to view the article in the Microsoft Knowledge Base:
256986 Description of the Microsoft Windows Registry
SUMMARY
Microsoft Internet Information Server (IIS) 4.0 in combination with Microsoft Certificate Server 1.0 make an excellent platform for distributing client authentication certificates. An important part of certificates is the ability to revoke a certificate (for instance, when a person leaves the company).
By default, certificate revocation checking is disabled in IIS 4.0 due to the time involved in performing the check, especially if the CRL (Certificate Revocation List) happens to be on another server across the Internet.
Modification Type: | Minor | Last Reviewed: | 6/23/2005 |
---|
Keywords: | kbhowto KB232165 |
---|
|