Have Microsoft pki running for 2 years SCCM relies upon it at this point as well as the CMG and Intune. The ca servers are all 2019 as well is AD schema and forest functional level. We have one roots CA off domain and offline and one subca on the domain. Have a webserver in our dmz and I am trying to publish the crl there for Windows Hello clients. How do I update the rootca CRl and get it to the webserver? I have red x on the CDP and AIA locations in pkiveiw for the the http extensions of both and I cant seem to change. Am I screwed ? Do I have to build again?
Thanks for any help