225
Description
Use the crl update-period command to set the CRL update period, that is, the interval at which a PKI
entity with a certificate downloads the latest CRL from the LDAP server.
Use the undo crl update-period command to restore the default.
By default, the CRL update period depends on the next update field in the CRL file.
Examples
# Set the CRL update period to 20 hours.
<Sysname> system-view
[Sysname] pki domain 1
[Sysname-pki-domain-1] crl update-period 20
crl url
Syntax
crl url url-string
undo crl url
View
PKI domain view
Default level
2: System level
Parameters
url-string: URL of the CRL distribution point, a case-insensitive string of 1 to 127 characters in the format
ldap://server_location or http://server_location, where server_location must be an IP address and does
not support domain name resolution.
Description
Use the crl url command to specify the URL of the CRL distribution point.
Use the undo crl url command to remove the configuration.
By default, no CRL distribution point URL is specified.
When the URL of the CRL distribution point is not set, you should acquire the CA certificate and a local
certificate, and then acquire a CRL through SCEP.
Examples
# Specify the URL of the CRL distribution point.
<Sysname> system-view
[Sysname] pki domain 1
[Sysname-pki-domain-1] crl url ldap://169.254.0.30
display pki certificate
Syntax
display pki certificate { { ca | local } domain domain-name | request-status } [ | { begin | exclude |
include } regular-expression ]
To Next Page
Loading...
Need help?
General
