EverTrust Logo
Products
Cloud Horizon Horizon Client OCSPd (legacy) Product lifecycle Stream WinHorizon
Support

Stream

  • Installation
    • Introduction
    • Pre-requisites
    • Installation
      • Installation Procedure
      • Installing MongoDB Community Edition
      • Installing NGINX
      • Installing Stream
      • Configuring the Firewall
    • Configuration
      • Stream Initial Configuration
      • Installing a Server Authentication Certificate
      • Creating an administrator account
    • Initial Stream Access
    • Upgrade Procedure
    • Uninstallation Procedure
    • Troubleshooting with Stream doctor
  • Admin guide
    • Introduction
    • Managing Certification Authorities
      • Importing an External Certification Authority
      • Importing an existing Managed Certification Authority
      • Issuing a new Root Certification Authority
      • Issuing a subordinate Certification Authority
      • Note on CRLDP and AIA settings
    • Managing Certificate Revocation Lists
      • Configuring Certificate Revocation Lists for an External CA
      • Configuring Certificate Revocation Lists for a Managed CA
      • Viewing CRLs
      • Downloading CRLs
    • Managing Keystores & Keys
      • Keystores in Stream
      • Software keystore
      • PKCS#11 HSM
      • Cloud KMS
        • Setting up a Google Cloud Key Management (GCP CKM)
        • Setting up an AWS Key Management Service (AWS KMS)
        • Microsoft Azure Key Vault (AKV)
      • Managing keys in Stream
    • Managing Certificate Templates & EKUs
      • Certificate Templates
      • Extended Key Usage
    • Managing Security
      • Accounts
      • Roles
      • Credentials
    • Managing Certificate Lifecycle
  • Release notes
    • Stream 1.0.4 release notes
  • Stream
  • Admin guide
  • Managing Certification Authorities
  • Note on CRLDP and AIA settings
2.1 2.0 1.3 1.2 1.1 1.0

Note on CRLDP and AIA settings

⚠ Deprecated: This version reached LDOS on 23/01/2025.

Regardless of the CA type, the setting "CRLDP" refers to the CRL of the CA you are configuring, and NOT the one of the issuing CRL. Same goes for the AIA: you need to specify the certificate of the CA you are configuring, and not the certificate of its issuing CA.
Issuing a subordinate Certification Authority Configuring Certificate Revocation Lists for an External CA