Microsoft Windows Server 2003
CRL Distribution Point (CRLdp) certificate extension
CRLdp value must be configured manually during approval process
The first steps involve taking note of what CA, Jurisdiction and certificate profile that you are currently using. For example we start off with a system which does not have a CRL Distribution Point (CDP) currently configured:
In this example, we have:
CA = Production1024
Jurisdiction = Production1024?s Initial Jurisdiction
Profile = SSL Server
So, we will modify the system such that certificates which this Jurisdiction issues have a CDP.
Select the 
workbench on the administration GUI, and then select to copy the profile we currently use:
This will mean that we can always return to the original configuration. Once you click ?Copy? you will be lead straight into a configuration page where you may select a radio Button to make a CDP mandatory for this type of certificate:
Then scroll to the bottom and press ?Save?.
Now, we can go any approve a certificate on the 
workbench. As you work through the approval wizard you should start seeing the following, additional, questions for the vettor/approver to answer.
The end result is that the generated certificate should have a CDP which (when viewed with the default Microsoft certificate viewer) like this:
