While investigating yesterday's post I had to republish the CRL a few times, the issue was that it would not be refreshed on the server as well, which was really annoying, particularly because it took me a few minutes to work out what was going on. At any rate, I found that there is a very simple command that clears the cache:
C:\>certutil -setreg chain\ChainCacheResyncFiletime @now
Software\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChain
Engine\Config\ChainCacheResyncFiletime:
Old Value:
ChainCacheResyncFiletime REG_BINARY = 17/11/2012 10:45
New Value:
ChainCacheResyncFiletime REG_BINARY = 17/11/2012 10:47
CertUtil: -setreg command completed successfully.
The CertSvc service may need to be restarted for changes to take effect.
No comments:
Post a Comment