After configuring and installing OCSP on an Enterprise Certification Authority I noticed that the OCSP location in the PKIView is displaying an error as per below screen shot.
The OCSP was working fine with current certificate and I verified and validated it using the
Certutil -url (Check below article for more details)
It turned to be that the original AIA path that was used has been changed on my CA extensions with another path which led to this error. So in order to fix this issue, the following was done:
- Revoked the Latest CA Exchange certificate, this can be done by checking your Certification Authority – Issued Certificate – Arrange them by Certificate template and check the latest CA Exchange Certificate
From an Admin Command prompt run “certutil -cainfo xchg”