Device Configuration 5 - 335
5.4.5.5.6 Overriding a Certificate Revocation List (CRL) Configuration
Overriding a Security Configuration
A certificate revocation list (CRL) is a list of certificates revoked or are no longer valid. A certificate can be revoked if the
certificate authority (CA) had improperly issued a certificate, or if a private-key is compromised. The most common reason for
revocation is the user no longer being in sole possession of the private key.
To define a Certificate Revocation configuration or override:
1. Select Devices from the Configuration tab.
2. Select Device Overrides from the Device menu to expand it into sub menu options.
3. Select a target device from the device browser in the lower, left-hand, side of the UI.
4. Select Security to expand its sub menu options.
5. Select Certificate Revocation.
Figure 5-222 Device Overrides - Certificate Revocation screen
6. Select the + Add Row button to add a column within the Certificate Revocation List (CRL) Update Interval table to
quarantine certificates from use in the network.
Additionally, a certificate can be placed on hold for a user defined period. If, for instance, a private key was found and
nobody had access to it, its status could be reinstated.
7. Provide the name of the trustpoint in question within the Trustpoint Name field. The name cannot exceed 32 characters.
8. Enter the resource ensuring the trustpoint’s legitimacy within the URL field.
NOTE: A blue override icon (to the left of a parameter) defines the parameter as having
an override applied. To remove an override, go to the Basic Configuration screen’s
Device Overrides field and select Clear Overrides. This will remove all overrides
from the device.
To Next Page
Loading...
