Revocation status of DC can't be verified
- by DotGeorge
A Domain Controller within my forest was working fine (as the story usually goes).
Then, suddenly, I can't logon with my smart card. Instead, I'm greeted with the following message:
The system could not log you on. The revocation status of the domain
controller certificate used for smart card authentication could not be
determined.
I literally have no idea what's happened here. As an attempted quick fix, I removed the root certificate which issued the Smart Card's certificate from the CA of both the client and DC. Then imported a newly exported one from the DC in question. Same issue.
I've spotted a number of related articles on Microsoft's forums and a HP support document. Each don't really shed much light as it's a generic error message apparently.
Having said all of this, other smart cards (issued from other DCs) work fine. So I have no idea what's up with this one.