I made my own CA for Authenticode to be used by third party developers for an application I'm writing. I want to make sure that I can revoke certificates, and am testing the CRL behavior of my CA and chain.
For some reason Windows cannot find the CRL even though I can get it with my browser.
A signed exe is here: http://www.rhino3d.com/developer/authenticode/RmaBrowser.t3.exe
The CRL pointed to by this EXE is at http://www.rhino3d.com/developer/authenticode/mcneel.crl (corrected typo, this was incorrectly mcneel.exe when I first asked the question)
But when I:
- Right-click the EXE in Windows
- click Properties
- Digital Signatures
- Details
- View Certificate
- Details
I see "Extended Error Information: Revocation Status : The revocation function was unable to check revocation because the revocation server was offline."