Re: Error by downloading CRL from '**********': "C...

umersajid_ · ‎05-23-2013

Hi Everyone,

I have probleem with download CRL(Certificate revocation lists) with my UAC

I am useing option "manually configured CDP" with CDP URL

I can download CRL file use this URL from my browser. so there is nothing wrong with my URL

I see this error in log

Error downloading CRL from 'http://*******%20root%20certificate.crl': CRL verification error

Current version:

4.3R3 (build 20777)

Model:

IC-6500

can anyone help me please

kalagesan_ · ‎05-26-2013

Hi Umer,

Can you try CDP URL with Ip address instead of hostname, Also can you install root, device and server certificates from CA.

Regards,

Kannan

umersajid_ · ‎05-27-2013

Hi Kannan

first of all thanks for reply

I have try it with Ip address instead of hostname But still same error "verification error"

I can instala certificates from CA. because If i go to CDP URL via browers then i can download CRL

Umer

kalagesan_ · ‎05-28-2013

Hi Umer,

Please install root, device and server certificates from CA on the infranet controller trusted CA server list.

Also can you try pinging the CDP URL hostname from IC device. You can do this by navigating to below section of IC GUI

Maintenance>Troubleshooting>Tools>Commands .

Also try pinging the CDP ip instead of hostanem if ping is failing for hostname.

If both Ip & hostname pings are failing , it will be CDP reachability issue

Regards,

Kannan

umersajid_ · ‎05-29-2013

Hi Kannan,

both Ip & hostname is pingable.

what do you mean by root, device and server certificates from CA?

I have only install our root certificate to "trusted CA server list" and "Trusted Client CAs list"

Sorry if i asked supid qustions i am not expert in certificate.

Umer

kalagesan_ · ‎06-03-2013

Hi Umer,

Are you using any proxy to connect through this HTTP URL, I suspect this as the issue.

Can you try with LDAP cdp URL instead of http URl, hope this helps

Regards,

Kannan

Error by downloading CRL from '**********': "CRL verification error"