5 - 146 WiNG 5.6 Access Point System Reference Guide
5.2.7.4 Setting the Certificate Revocation List (CRL) Configuration
Profile Security Configuration
A certificate revocation list (CRL) is a list of certificates that have been revoked or are no longer valid. A certificate can be
revoked if the certificate authority (CA) had improperly issued a certificate, or if a private-key is compromised. The most
common reason for revocation is the user no longer being in sole possession of the private key.
To define a CRL configuration that can be applied to a profile:
1. Select the Configuration tab from the Web UI.
2. Select Devices.
3. Select System Profile from the options on left-hand side of the UI.
4. Expand the Security menu and select Certificate Revocation.
Figure 5-94 Profile Security - Certificate Revocation List (CRL) Update Interval screen
5. Select the + Add Row button to add a column within the Certificate Revocation List (CRL) Update Interval table to
quarantine certificates from use in the network.
Additionally, a certificate can be placed on hold for a user defined period. If, for instance, a private key was found and
nobody had access to it, its status could be reinstated.
6. Provide the name of the trustpoint in question within the Trustpoint Name field. The name cannot exceed 32 characters.
7. Enter the resource ensuring the trustpoint’s legitimacy within the URL field.
8. Use the spinner control to specify an interval (in hours) after which a device copies a CRL file from an external server and
associates it with a trustpoint.
9. Select OK to save the changes made within the Certificate Revocation List (CRL) Update Interval screen. Select Reset
to revert to the last saved configuration.
To Next Page
Loading...
