We are excited to announce that the IIS.NET Forums are moving to the new Microsoft Q&A experience. Learn more >

View Complete Thread
  • IIS 10 with AAR and CRL

    Feb 28, 2019 02:53 PM|waaalex|LINK

    Hello,

    We are trying to publish exchange OWA 2016 throught reverse proxy with IIS 10 AAR placed in DMZ.

    This is working well.

    Now we need to connect with client certificate and this does not work (error 403.13)

    ISS 10 AAR in DMZ

    CRL list is available from ldap and http, IIS AAR is not domain joined so i try to use http to join CRL.

    I have tested CRL with certutil (on admin session and local system with psexec) and wfetch and it's working.

    But on we i tried to connect to OWA, i m prompted for certificate and get 403.13 error. Revocation server is offline even i can join crls with internet explorer on this server.

    I'm really stuck here. Any idea? I don't want to disable CRL verification