We see we have some CRL distribution points in the certificate as well – remember that. Also see that we can do Web Server and Web Client authentication.

Let’s use HTTPS. Everything should be fine right? Wrong! The client has failed its server certificate checks. Why? It says that the Security Certificate was not issued by a trusted certificate authority. The browser’s certificate store must not know about our R2 and RootCA certificate authorities. Let’s correct that. First, we need to go back to R2’s CA web server.

41