How to create a certificate revocation list for the root certification authority
7 Aug 2015 9:08 AM
To start with this exercise you need to first create certificate, if not yet created refer to previous post.
Let’s start with this exercise:
- On the computer running Microsoft Dynamics NAV Server, create a temporary folder to use when you work with certificates.
- Open the command prompt as follows:
- If you have Visual Studio installed on your computer, choose Start. choose All Programs. choose Microsoft Visual Studio 2012. choose Visual Studio Tools. and then right-click Visual Studio Command Prompt and choose Run as Administrator .
- If you have the Windows SDK installed on your computer, choose Start. choose All Programs. choose Microsoft Windows SDK. and then right-click Windows SDK Command Prompt (2010) (or CMD Shell ) and choose Run as Administrator .
- At the command prompt, locate the temporary directory.
- At the command prompt, type the following command:
makecert -crl -n “CN=RootNavServiceCA” -r -sv RootNavServiceCA.pvk RootNavServiceCA.crl
- When you are prompted, enter the password that you used to create the root CA.
The RootNavServiceCA.crl certificate revocation file is
saved in your temporary folder.
Now we will install the certificate revocation list on the computer running Microsoft Dynamics NAV Server
- In the Certificates snap-in, in the left pane of MMC, expand the Certificates (Local Computer) node.
- Expand the Trusted Root Certification Authorities node, right-click the Certificates subfolder, select All Tasks. and then choose Import .
- In the Certificate Import Wizard, on the Welcome page, choose Next .
- On the File to Import page, choose Browse .
- In the File Type field, select Certificate Revocation List (*.crl) .
- Browse to the location of the RootNavServiceCA.crl file, select the file, and then choose Open .
- On the File to Import page, choose Next .
- On the Certificate Store page, accept the default selection, and then choose Next .
- On the Completing the Certificate Import Wizard page, choose Finish .
- Select the Trusted Root Certificate Authorities node, and then refresh the snap-in.
A Certificate Revocation List folder that contains the RootNavServiceCA.crl file has been created.
In next step we will now create and install a test certificate on computer running Microsoft Dynamics NAV Server.Source: community.dynamics.com