Client not able to authenticate to server, when CA goes down

Asked By Sambit Padhi
20-Nov-09 01:50 PM

Hi,

We have an application which authenticates using the Active Directory credential and smartcard certificate.

But when the issuer Certificate Authority goes down, we are not able to access the particular application using the smartcard certificate issued by the same Sub CA, but we are successfully able to log in to the application using users' smartcard certificates which are issued by the other Sub CA.

What may be the reason?

  1. Clients, application server and Sub CAs are in 1 domain.
  2. The authenticated users are in a group inside Active Directory.
  3. The server certificate is issued from one of the Sub CAs.
  4. We have one root CA and 2 Sub CAs.

Please help

Thanks!

Sam

Brad Roberts replied to Sambit Padhi
01-Dec-09 02:38 PM
The web server you are accessing is probably using the Online Certificate Status Protocol to perform a real-time certificate validation that is independent of / in addition to that done by the domain. Each Certification Authority probably resides in a different location. Presenting the web server with another valid certificate but from another CA is all it takes to access the web application.
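The behaviour described in this thread can be reproduced with a small model of per-issuer revocation checking. This is an added example, not code from either poster or from any product. The names `SubCA1`/`SubCA2`, the serial numbers, the 8-hour response validity and the hard-fail/soft-fail switch are all assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass
class Status:                 # one revocation answer for a certificate serial
    revoked: bool
    next_update: datetime     # the answer may be reused until this time

class Responder:
    """Hypothetical per-CA revocation source (OCSP responder or CRL endpoint)."""
    def __init__(self, revoked_serials=(), online=True, validity=timedelta(hours=8)):
        self.revoked, self.online, self.validity = set(revoked_serials), online, validity
    def query(self, serial, now):
        if not self.online:
            raise ConnectionError("revocation source unreachable")
        return Status(serial in self.revoked, now + self.validity)

class Validator:
    """Server-side check: status is looked up at the responder of the cert's issuer."""
    def __init__(self, responders, hard_fail=True):
        self.responders, self.hard_fail, self.cache = responders, hard_fail, {}
    def check(self, issuer, serial, now):
        key = (issuer, serial)
        cached = self.cache.get(key)
        if cached and now < cached.next_update:          # still-valid cached answer
            return "REJECT: revoked" if cached.revoked else "ACCEPT: cached status"
        try:
            status = self.cache[key] = self.responders[issuer].query(serial, now)
        except ConnectionError:                           # issuer's responder is down
            return "REJECT: status unknown" if self.hard_fail else "ACCEPT: unchecked"
        return "REJECT: revoked" if status.revoked else "ACCEPT: fresh status"

def scenario(hard_fail):
    t0 = datetime(2009, 11, 20, 9, 0)                     # constructed sample data
    sub1, sub2 = Responder(revoked_serials={"1003"}), Responder()
    v = Validator({"SubCA1": sub1, "SubCA2": sub2}, hard_fail)
    v.check("SubCA1", "1001", t0)       # user 1001 logs in while SubCA1 is still up
    sub1.online = False                 # SubCA1 and its responder go down
    later, next_day = t0 + timedelta(hours=1), t0 + timedelta(hours=9)
    return {
        "sub1_cached": v.check("SubCA1", "1001", later),
        "sub1_uncached": v.check("SubCA1", "1002", later),
        "sub1_revoked": v.check("SubCA1", "1003", later),
        "sub1_cache_expired": v.check("SubCA1", "1001", next_day),
        "sub2": v.check("SubCA2", "2001", later),
    }

if __name__ == "__main__":
    for policy in (True, False):
        print("hard-fail" if policy else "soft-fail", scenario(policy))
```

Under hard-fail, only certificates issued by the unavailable CA are rejected, and a previously cached answer keeps working until its `next_update`. Under soft-fail the logins succeed, but the revoked serial `1003` is accepted as well.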