Views
PKI domain view
Predefined user roles
network-admin
Usage guidelines
A CRL is a file issued by a CA to publish all certificates that have been revoked. Revocation of a
certificate might occur before the certificate expires. CRL checking is intended for checking whether a
certificate has been revoked. A revoked certificate is no longer trusted.
Examples
# Disable CRL checking.
<Sysname> system-view
[Sysname] pki domain aaa
[Sysname-pki-domain-aaa] undo crl check enable
Related commands
• pki import
• pki retrieve-certificate
• pki validate-certificate
crl url
Use crl url to specify the URL of the CRL repository.
Use undo crl url to remove the configuration.
Syntax
crl url url-string [ vpn-instance vpn-instance-name ]
undo crl url
Default
The URL of the CRL repository is not specified.
Views
PKI domain view
Predefined user roles
network-admin
Parameters
url-string: Specifies the URL of the CRL repository, a case-sensitive string of 1 to 511 characters in the
format of ldap://server_location or http://server_location, where server_location can be an IP address
or a domain name.
180
To Next Page
Loading...
Need help?
General
