Problem

Validation Authority failed to fetch CRL from Windows Network Share location.

Getting error: Reason:Unknown Error.

Resolution

High level steps: (See attached CRL_Network_Fetch.docx for detailed steps)

Enable SMB 1.0/CIFS Server

Server manager>Manage>Add Roles and Features. Enable SMB 1.0/CIFS Server

Reboot Windows Server after installing SMB 1.0/CIFS Server

Create a folder on the server you want to fetch the CRLs from.

Example: C:\Shared_CRLs

Add “Everyone” with “Read” permissions to both the Share and Security permissions. The “Locations” should be the local machine.

Set Security Permissions: Read & execute, List folder contents, Read

Copy CRLs to shared folder

Launch gpedit.msc

Configure Network access

Computer Configuration>Windows Settings>Security Settings>Local Policies>Security Options. Change “Network access: Let Everyone permissions apply to anonymous users” to enabled

Reboot Windows Server