![]() To see when the cache was invalidated the last time, perform this command:Ĭertutil –getreg chain\ChainCacheResyncFiletime ![]() The following commands require administrative permission on the system. You can use certutil to set a date and time when all cache entries become invalid. On Windows Vista, CAPI 2.0 has support to set a expiry date for the CRL and OCSP cache. You can view what is in your current CRL cache with the following command: Windows versions before Windows Vista do not support deletion or a forced update of the CRL cache. The downside of this behavior is that a newer CRL is not picked up by the client until the locally cached CRL has expired. First published on TECHNET on Sep 13, 2007īy default, Windows is caching Certificate Revocation Lists (CRL) and CA certificates to quickly verify certificate chains.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |