Accessing the Administration Tools is slow in a disconnected environment
When accessing the administration tools in a disconnected environment where the computer running the XIA Configuration Client does not have internet access you may find that the administration tools user interface may be slow to load or respond.
The administration tools are digitally signed using a DigiCert certificate and this issue is seen when the computer running XIA Configuration Client cannot check the certificate revocation list (CRL) for the digital certificate.
Resolution 1 (Recommended)
Ensure that the computer running the XIA Configuration Client has internet access.
NOTE: The following steps are for reference only. Please review the following Microsoft documentation and ensure you understand the risks and issues associated with changes to the security settings on Windows.
- On a computer with internet access create a directory for example
- In a command prompt run the following command.
certutil -syncWithWU C:\CTL
- Download the DigiCert certificate revocation list (CRL) files to the CTL directory.
- Once the certificates are downloaded copy the C:\CTL directory to the computer in the disconnected environment.
- On the computer in the disconnected environment open regedit and set the following registry key
- Install the DigiCert certificate revocation list (CRL) files by either
Right click the CRL files and select Install CRL
- or -
certutil -addstore CA C:\CTL\sha2-assured-cs-g1.crl
certutil -addstore ROOT C:\CTL\sha2-assured-cs-g1.crl
certutil -addstore CA C:\CTL\DigiCertAssuredIDRootCA.crl
certutil -addstore ROOT C:\CTL\DigiCertAssuredIDRootCA.crl
NOTE: The trusted and untrusted CTLs can be updated on a daily basis, so ensure that you keep the files synchronized by using a scheduled task or another method.
NOTE: This resolution is not recommended as this reduces security.
- Go to Control Panel > Internet Options.
- On the Advanced tab uncheck the Check for publisher's certificate revocation checkbox.
- Click OK