If a Windows host has multiple RDP certificates, do all of them get checked while connecting, or only the first one found?
I have RDP certificates deployed from a Root CA with a now-invalid OCSP location in the AIA. Connecting to every host now obviously takes longer while it checks the invalid OCSP address. I would deploy additional valid RDP certificates, but I am unsure how it handles both certificates. If I am correct, then it won't bother to check expired certs.
But would it check all RDP certs if they are not expired and then of course still complain about the invalid OCSP?
I would hope that it somehow is satisfied with one completely valid RDP cert.
By RDP certificate I mean a certificate with an enhanced key usage value of "1.3.6.1.4.1.311.54.1.2".