Active Directory Certificate Services: resolving Offline Root startup issues
In my lab today, I was testing some ideas on implementing Transport Layer Security (TLS). It was about the time I needed the certificate and encountered an issue.
The Certificate Services service was stopped. When manually started, the following error message was displayed:
The revocation function was unable to check revocation because the revocation server was offline.
Nice one! A little reading made realise the Certificate Revocation List (CRL) file was required to be renewed, as an Offline Root Certificate Authority was in use at my lab.
With thanks to Jeff Kyker for his page on the topic, the fix was very simple. The steps he provides are easy to follow.
I would also like to thank Shannon Fritz for putting the details in his post.
Big help, gentlemen!