I'm trying to install an application on a machine running Windows XP Pro.
There are two different servers being contacted, both using the same wildcard certificate (GoDaddy). One via https, one via net.tcp with ssl. Both are WCF services.
The first (via https) worked fine from the beginning. The TCP connection, however, fails with the error message "The revocation function was unable to check revocation because the revocation server was offline"
We got the IT guy to temporarily disable the proxy, and the TCP connection was successful, but he can't leave it off forever and we need to figure out what revocation server is being used.
According to this article on GoDaddy's support site (http://support.godaddy.com/help/article/6723/verifying-a-certificates-validity-on-your-computer), you need to have one of these open for the revocation check to succeed:
- crl.godaddy.com
- certificates.godaddy.com
- crl.starfieldtech.com
- certificates.starfieldtech.com
We can ping them all just fine with the proxy running, but the TCP connection doesn't work.
How do I troubleshoot this? Is there a good way to figure out what CRL the app is attempting to contact?