cancel
Showing results for 
Search instead for 
Did you mean: 
wajeeh_r
Level 9

Certificate status can not be determined, revocation check failed

Jump to solution

Dear All,

I've certificate for exchange 2010 so when accessing email on mobile device or through web browser OWA when out side office it is used. It is bought from Go Daddy, but in exchange 2010 I get the message,

"certificate status can not be determined because revocation check failed"

Please see attached picture for the message, on exchange if in case I need to access some site for internet, I am using proxy in browser which is sending every request to McAfee Gateway, My question is what exceptions requirement to be placed in gateway to remove this 'failed revocation message'

Please assist on this.

Kind Regards,

0 Kudos
1 Solution

Accepted Solutions
wajeeh_r
Level 9

Re: Certificate status can not be determined, revocation check failed

Jump to solution

Dear Asabban,

I've fixed my problem following the below given articles:

http://exchangeserverpro.com/exchange-2010-certificate-revocation-checks-and-proxy-settings/

http://www.petenetlive.com/KB/Article/0000484.htm

it was not the problem from gateway not allowing for CRl OR OCSP sites but it was related to changing winhttp proxy settings. See attached photo after the change according to above articles

Go_Daddy_Cert_Fixed.jpg

Thanks,

0 Kudos
5 Replies
asabban
Level 17

Re: Certificate status can not be determined, revocation check failed

Jump to solution

First of all and without further investigations you could try to add "crl.godaddy.com" to the Global White/Allow list that is present in the rule set by default. Then try again.

Best,

Andre

0 Kudos
wajeeh_r
Level 9

Re: Certificate status can not be determined, revocation check failed

Jump to solution

Hello Asabban,

I've added now the URL in global whitelist /Allow, I will check if it helps, I will post back again, I have added all below URL's with a * in the beginning to my global white list URL for example "*.crl.godaddy.com" is this correct ?

CRL_OCSP.jpg

the above image is taken from GoDaddy Site itself. I will post back

thanks,

wajeeh_r
Level 9

Re: Certificate status can not be determined, revocation check failed

Jump to solution

Hello,

Even after I added all below to global whitelist, still revocation error as it is. Any further assistance for this ?

0 Kudos
wajeeh_r
Level 9

Re: Certificate status can not be determined, revocation check failed

Jump to solution

Dear Asabban,

I've fixed my problem following the below given articles:

http://exchangeserverpro.com/exchange-2010-certificate-revocation-checks-and-proxy-settings/

http://www.petenetlive.com/KB/Article/0000484.htm

it was not the problem from gateway not allowing for CRl OR OCSP sites but it was related to changing winhttp proxy settings. See attached photo after the change according to above articles

Go_Daddy_Cert_Fixed.jpg

Thanks,

0 Kudos
wajeeh_r
Level 9

Re: Certificate status can not be determined, revocation check failed

Jump to solution

Dear All any assistance for above subject for "The certificate status can not be determined because revocation check failed" on Exchanghe 2010, I've in my IE proxy settings using those settings I access any site if needed. How do we make sure we have access to CRL OCSP services going through web gateway.

Thanks,

0 Kudos