I
Iain Smart
Guest
Hi,
I am trying to setup Windows Event forwarding for a small workgroup that runs in an temporary airgapped environment (i.e. not connected to any other network). The environment regularly gets stood up, but only for a few hours at a time.
The Collector system, however, does connect to a domain when this environment is not stood up.
So far I have been able to get the WEF setup, but I am struggling with Certs and Revocation status when trying to use HTTPS.
I am getting an error on the clients saying:
The server certificate on the destination computer <server.fqdn:5986> has the following errors:
The SSL certificate could not be checked for revocation. The server used to check for revocation might be unreachable
How can I get Revocation status for a cert that has been issued by a CA that is not accessible from the client. The CDP listed in the cert has an LDAP url.
Thanks,
Iain
More...
I am trying to setup Windows Event forwarding for a small workgroup that runs in an temporary airgapped environment (i.e. not connected to any other network). The environment regularly gets stood up, but only for a few hours at a time.
The Collector system, however, does connect to a domain when this environment is not stood up.
So far I have been able to get the WEF setup, but I am struggling with Certs and Revocation status when trying to use HTTPS.
I am getting an error on the clients saying:
The server certificate on the destination computer <server.fqdn:5986> has the following errors:
The SSL certificate could not be checked for revocation. The server used to check for revocation might be unreachable
How can I get Revocation status for a cert that has been issued by a CA that is not accessible from the client. The CDP listed in the cert has an LDAP url.
Thanks,
Iain
More...