I was expecting to see "Revocation Information: CRL" for my site, but the test instead produces "Revocation Information: None" with no CRL errors. I was curious if any of these factors could be the cause:
- Root certificate is self-signed and globally untrusted
- Root certificate, web certificate and the CRL are signed using SHA512
- The CRL is empty (no certificates have been revoked)
The CRL is definitely accessible as clients can and do download it regularly so for all intents and purposes other than the test, it seems to be functioning correctly. The CA used to sign the certificates/CRL is running on Windows Server 2012 R2 and the web server is IIS 8.5. On our old server running 2003 R2/IIS 6.0, the test would produce the expected result "Revocation Information: CRL"
Can PM the site to diagnose. Thanks for your help!