Add a CRL Entry
The Configure Revocation List dialog lets you add a CRL entry to the certificate data store.
casso127
HID_add-crl
The Configure Revocation List dialog lets you add a CRL entry to the certificate data store.
The dialog contains the following settings:
- Issuer AliasSpecifies the Certificate Authority that is issuing the CRL.
- URLSpecifies the URL for the Certificate Authority issuing the CRL.Limit:File CRL or LDAP CRL location
- File CRL syntax must be file://path/filenameWindows Example:file:///c:/crls/crllist.crlUNIX Example:file:///usr/local/crldata/crllist.crlThe path on Solaris must be all lowercase.
- LDAP CRL syntax must be: ldap://server:port/entry_point_to_crlWindows/UNIX Example:ldap://crlserver1.ca.com:987/uid=crl1,dc=ad,dc=mycompany,dc=com
- Grace Period (days)Indicates the delay, in days, from when a certificate is revoked and the time the certificate becomes invalid. During the grace period,CA Single Sign-Oncan use a revoked certificate.Certificates listed in a CRL are not considered revokeduntilthe grace period expires. This grace period gives the customer time to update the partnership certificate so that the partnership does not suddenly stop working.