Basics: Delta revocation lists

Certificate revocation lists (CRLs) are used to remove issued certificates from circulation before the end of their validity period.

A CRL is a signed list of the serial numbers of certificates that have been revoked by the certification authority. The revocation list has an expiration date (usually only a few days away) and is reissued and signed by the associated certification authority at regular intervals.

Certificate revocation lists can reach a considerable size if the volume of revoked certificates is high (as a rule of thumb, you can expect about 5 megabytes per 100,000 entries). The regular download of large certificate revocation lists by subscribers can generate a large network load. To address this problem, there is the concept of delta revocation lists.


Logon error with Windows Hello for Business: "Contact the system administrator and tell them that the KDC certificate could not be verified."

Assume the following scenario:

  • The company is using Windows Hello for Business.
  • Users receive the following error message when logging in to the client:
    "Sign-in failed. Contact your system administrator and tell them that the KDC certificate could not be validated. Additional information may be available in the system event log."

Details of the event with ID 75 of the source Microsoft-Windows-CertificationAuthority

Event Source: Microsoft-Windows-CertificationAuthority
Event ID: 75 (0x4B)
Event log: Application
Event type: Error
Symbolic Name: MSG_E_DELTA_CRL_PUBLICATION_HOST_NAME
Event text (English): Active Directory Certificate Services could not publish a Delta CRL for key %1 to the following location on server %4: %2. %3.%5%6
Event text (German): Failed to publish delta certificate revocation list for key %1 at the following location on server "%4": %2. %3.%5%6

Details of the event with ID 66 of the source Microsoft-Windows-CertificationAuthority

Event Source: Microsoft-Windows-CertificationAuthority
Event ID: 66 (0x42)
Event log: Application
Event type: Error
Symbolic Name: MSG_E_DELTA_CRL_PUBLICATION
Event text (English): Active Directory Certificate Services could not publish a Delta CRL for key %1 to the following location: %2. %3.%5%6
Event text (German): Failed to publish delta certificate revocation list for key %1 at the following location: %2. %3.%5%6