2 Sep
2019
2 Sep
'19
11:01 a.m.
Certificates are issued from IPA CA with the OCSP responder URI http://ipa-ca.$DOMAIN/ca/ocsp and CRL distribution point http://ipa-ca.$DOMAIN/ipa/crl/MasterCRL.bin (these are set in the certificate extensions).
flo
Thanks! Does it have to be an IPA server with CA? What if it doesn't have CA component - will it forward the request to one of the IPA servers with CA?