Recently some server certs expired, and I regenerated them with the "repair default certificates" in iManager, but when I went to verify them, I got the error " Invalid: Expired CRL". I went to the Configure CA/CRL tab, and I have one CRL (called "One"), and I am able to issue a current CRL, which is empty, by the way. I can see the CRL being updated in the filesystem, and I can run "openssl crl -text -inform DER -in One.crl" against it, and it returns a current issue date and Next Update date, with No Revoked Certificates. It's accessible through http (which is how the CRLDP is set up). It's not getting an HTTP 302 redirect (from TID:

I'm not sure how else to check the validity of the CRL, or where it's getting the "expired" status from.
Can anyone point me in the right direction?