crl

This command enters CRL mode to create or modify a CRL update policy.

Syntax

crl name { http | ldap }

no crl name

Parameters

name
Specifies the name of the CRL update policy.
The name can contain a maximum of 32 characters. The following characters are valid:
  • a through z
  • A through Z
  • 0 through 9
  • Underscore (_)
  • Dash (-)
  • Period (.)
Note: Names cannot be a single period or two consecutive periods.
http
Indicates an HTTP-enabled CRL update policy.
ldap
Indicates an LDAP-enabled CRL update policy.

Guidelines

The crl command enters CRL mode to create or modify a CRL (certificate revocation list) update policy.

  • Use the fetch-url and refresh commands to define an HTTP-enabled CRL update policy
  • Use the bind-dn, bind-pass, read-dn, refresh, and remote-address commands to define an LDAP-enabled CRL update policy.

Use the no crl command to delete a CRL update policy.

Examples

  • Create the HTTP30 HTTP-enabled CRL update policy. 
    # crl HTTP30 http
Entering CRL mode for 'HTTP30'
  • Create the LDAP1440 LDAP-enabled CRL update policy. 
    # crl LDAP1440 ldap
Entering CRL mode for 'LDAP1440'
  • Delete the LDAP1440 LDAP-enabled CRL update policy. 
    # no crl LDAP1440