Security

 View Only
last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

ClearPass CRL error: Different CRL Scope

This thread has been viewed 21 times
  • 1.  ClearPass CRL error: Different CRL Scope

    Posted Feb 03, 2020 07:07 AM

    Hi Community,

     

    a customer is faceing an issue with CRLs in ClearPass. He has an offline Root-CA and an online Sub-CA on microsoft server. Certificate based LAN auth is working fine until you load the crls into clearpass. There is an error in the logs:

     

    verify error:num=44:Different CRL scope

     

    I found some sources stating that the DP entry in the Cert and the IDP entry in the crl must match. I verified that both URLs are the same.

     

    Any clue how to fix this?



  • 2.  RE: ClearPass CRL error: Different CRL Scope

    Posted Sep 25, 2023 09:56 AM

    Hi. I got a similar problem. Did you find out what the problem was and solved the problem?




  • 3.  RE: ClearPass CRL error: Different CRL Scope

    Posted Oct 16, 2023 11:45 PM

    Any solutions here also have the same problem that just started after the Enterprise CA setup was migrated to MS Server 2019.