Applies to: Centrify DirectSecure 1.2 and below
The need is to establish IPSEC between Unix, Linux and Windows servers. The policies are applied through group policies using Certificates for authentication.
The CA is configured such that the HTTP URI is not published in the CRL Distribution path attribute of the client certificates.
However the CRLs are not being downloaded.
Only CRL URIs that use HTTP are supported which is why the LDAP CRL URL cannot be handled.
This has been included into DirectSecure 1.3, which supports both HTTP and LDAP CRL URIs.