This page allows you to install or replace a certificate revocation list (CRL) or a compromised key list (CKL) as published by a certificate authority (CA).
CRLs and CKLs list any certificates and keys that client users or server users should no longer trust. Typical situations include:
If data in a certificate changes, for example, if a user changes offices or leaves the organization before the certificate expires, the certificate is revoked, and its data appears in a CRL.
If a key is tampered with or otherwise compromised, the key and its data appear in a CKL.
Both CRLs and CKLs are produced and periodically updated by a CA. As the administrator, you can install new lists, replace existing lists, or delete existing CRLs or CKLs from your system.
The following table describes the fields and buttons on the page. The left column lists the fields and buttons; the right column describes the functionality.
Field or Button
|
Description
|
---|---|
File Contains: |
Indicates what type of list you are installing:
|
The CRL/CKL is in this file: |
Specifies the full pathname to the list that you have downloaded from the CA's site. |
OK |
Saves your entries.
You must restart the server for your changes to take effect. |
Reset |
Resets the values on the page to the default values. |
See also | |
---|---|