Log into the certificate authority (CA)
Publish the template
Configure the AIA settings on the CA
In this example, a separate computer will run NDES and OCSP.
Launch the server manager and install the following “roles”.
Note: Only new certificates will have the OCSP extension.
Test the URL from the client device.
- Export the certificate from the MMC console
- Use the certutil command
Configure RADIUS (Cisco ISE) with the OCSP URL
Create an OCSP profile
Save.