A file distribution point must follow the UNC syntax

Several whitepapers explain the three valid protocols (HTTP, LDAP or FILE) to retrieve a Certificate Revocation List (CRL) or the Authority Information Access (AIA). However, none of these whitepapers is specific about the syntax for the file protocol (file://).

The simple answer is that a CRL or AIA file reference must follow the UNC syntax, for example: \\myserver\myshare\mycrl.crl

Certificates containing an absolute path like C:\myfolder\mycrl.crl will result in an error message when the system is verifying the validity of a certificate.


Skip to main content