Access is denied when publishing CRL

Introduction
I was following a guide on how to create a custom location of the crl and got stuck when trying to publish the CRL, the error is Access is denied 0x80070005. Apparently even my CA has full control of the directory and NTFS permission the publishing is denied. It turns out that I need to locate the CRL onto another server other than the CA itself.

for this I decided to store the CRL onto a DC.

Creating a folder for storing CRL on DC
I would need to set the sharing permission and NTFS permission for this.

Right click on the folder, and choose properties. Then click on Sharing, and click Advance Sharing.

I put $ at the end of the share name. Then click on Permission.

Click on Object Type, and choose Computer, then click ok. After which you type in the name of your CA and click ok.

Choose CA$ and give Full Control. The CA must have write permission.

Choose Security tab to give NTFS permission to CA. Give full permission because the CA requires write permission.

Adding CRL extension to point to the new folder that stores CRL

Click on the Add button, and type in file://DC01/crldist$/ then insert CAName, CRLNameSuffix, DeltaCRLAllowed, and at the end type in .crl. Select Publish CRLs to this location and Publish Delta CRLs to this location.

Restart the CA service and publish.

Navigate to \\DC01\crldist$ you should see the two files.

One thought on “Access is denied when publishing CRL”

you have got to be kidding me! you cant publish a crl to the ca? Microsoft, get it together!

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

Share this:

Like this:

Related

Published by cyruslab

One thought on “Access is denied when publishing CRL”

Leave a Reply Cancel reply