Manually load Microsoft Certificate Revocation lists

When starting a .NET application, the .NET Framework will attempt to download the Certificate Revocation list (CRL) for any signed assembly. If your system does not have direct access to the Internet, or is restricted from accessing the Microsoft.com domain, this may delay startup of BizTalk Server (Non solo). To avoid this delay at application startup, you can use the following steps to manually download and install the code signing Certificate Revocation Lists on your system.

  1.  Download the latest CRL updates from http://crl.microsoft.com/pki/crl/products/CodeSignPCA.crl<http://go.microsoft.com/fwlink/?LinkID=117794&gt; (http://go.microsoft.com/fwlink/?LinkID=117794) and http://crl.microsoft.com/pki/crl/products/CodeSignPCA2.crl<http://go.microsoft.com/fwlink/?LinkId=117795&gt; (http://go.microsoft.com/fwlink/?LinkId=117795).
  2.  Move the CodeSignPCA.crl and CodeSignPCA2.crl files to the isolated system.
  3.  From a command prompt, enter the following command to use the certutil utility to update the local certificate store with the CRL downloaded in step 1:

certutil -addstore CA c:\CodeSignPCA.crl
certutil -addstore CA c:\ CodeSignPCA2.crl

The CRL files are updated regularly, so you should consider setting a reoccurring task of downloading and installing the CRL updates. To view the next update time, double-click the .crl file and view the value of the Next Update field.
Trato da:

General Guidelines for Improving Operating System Performance:
http://msdn.microsoft.com/en-us/library/ee377075(BTS.10).aspx

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: