Install CRL/CKL

This page allows you to install or replace a certificate revocation list (CRL) or a compromised key list (CKL) as published by a certificate authority (CA).

CRLs and CKLs list any certificates and keys that client users or server users should no longer trust. Typical situations include:

Both CRLs and CKLs are produced and periodically updated by a CA. As the administrator, you can install new lists, replace existing lists, or delete existing CRLs or CKLs from your system.

The following table describes the fields and buttons on the page. The left column lists the fields and buttons; the right column describes the functionality.

Field or Button
Description

File Contains:

Indicates what type of list you are installing:

  • Certificate Revocation List (CRL): Certificates that have been revoked.

  • Compromised Key List (CKL): Keys that have been compromised or tampered with.

The CRL/CKL is in this file:

Specifies the full pathname to the list that you have downloaded from the CA's site.

OK

Saves your entries.

  • If you selected CRL, the Add CRL page appears listing CRL information

  • If you selected CKL, the Add CKL page appears listing CKL information.

  • If a CRL or CKL already exists in the database, the Replace CRL or Replace CKL page appears. In this case, click Replace to replace the list with the new list.

You must restart the server for your changes to take effect.

Reset

Resets the values on the page to the default values.

See also

Manage CRL/CKL


Legal Notices