When you sign a CRL with Openssl you don’t have the attribute “Published CRL Locations”. It tells where the revocation lists are or should be published. Without this attribute there is no way for certutil to know where to save your CRL in Active Directory.
1. Remove existing cRLDistributionPoint in Active Directory with adsiedit.msc
2. Create an emtpy cRLDistributionPoint with the name according to your CDP location in your certificates.
certutil -f -addstore “ldap:///CN=CA-Name,CN=Server,CN=CDP,CN=PublicKey Services,CN=Services,CN=Configuration,DC=Domain,DC=com?certificateRevocationList?base?objectClass=cRLDistributionPoint” “Your new CRL”