EverTrust Logo
Products
Cloud Horizon Horizon Client OCSPd (legacy) Product lifecycle Stream WinHorizon
Support

Stream

  • Installation
    • Introduction
    • Installing on CentOS/RHEL
      • Pre-requisites
      • Installation
        • Installing MongoDB
        • Installing NGINX
        • Installing Stream
      • Configuration
        • Initial Configuration
        • Bootstrapping EverTrust Stream
        • Initial Key Ceremony
        • Finalizing Stream Configuration
      • Security Guidelines
      • Upgrade
      • Uninstallation
    • Installing on Kubernetes
      • Installation
      • First login
      • Production checklist
      • Upgrade
      • Uninstallation
      • Advanced usage
    • Troubleshooting
  • Admin guide
    • Introduction
    • Managing Certification Authorities
      • Importing an External Certification Authority
      • Importing an existing Managed Certification Authority
      • Issuing a new Root Certification Authority
      • Issuing a subordinate Certification Authority
      • Note on CRLDP and AIA settings
    • Managing Certificate Revocation Lists
      • Configuring Certificate Revocation Lists for an External CA
      • Configuring Certificate Revocation Lists for a Managed CA
      • Viewing CRLs
      • Downloading CRLs
      • Configuring an external storage for your CRLs
    • Managing Keystores & Keys
      • Keystores in Stream
      • Software keystore
      • PKCS#11 HSM
      • Cloud KMS
        • Setting up a Google Cloud Key Management (GCP CKM)
        • Setting up an AWS Key Management Service (AWS KMS)
        • Microsoft Azure Key Vault (AKV)
      • Managing keys in Stream
    • Managing Certificate Templates & EKUs
      • Certificate Templates
      • Extended Key Usage
    • Managing Security
      • Permissions
      • Accounts
      • Roles
      • Credentials
      • Enforce Certificate Authentication
      • Events
    • Managing Certificate Lifecycle
    • Backup and Restore
    • Overridable configuration parameters
  • Release notes
    • Stream 1.2.1 release notes
    • Stream 1.2.0 release notes
  • Stream
  • Admin guide
  • Managing Certification Authorities
  • Note on CRLDP and AIA settings
2.1 2.0 1.3 1.2 1.1 1.0

Note on CRLDP and AIA settings

Regardless of the CA type, the setting "CRLDP" refers to the CRL of the CA you are configuring, and NOT the one of the issuing CRL. Same goes for the AIA: you need to specify the certificate of the CA you are configuring, and not the certificate of its issuing CA.
Issuing a subordinate Certification Authority Configuring Certificate Revocation Lists for an External CA