CRL Configuration Page
This page allows you to view and/or configure the Certificate Revocation List (CRL). The configuration information is stored in the CRL Configuration object.
Last CRL Issuance
- Last Success: Displays the date and time of the last successful CRL issuance.
- Last Attempt: Displays the date and time of the last attempt to issue a CRL.
- Status: Displays the results of the last attempt to issue a new CRL. If the last attempt to issue a CRL was successful, the field will display Success. If unsuccessful, the field will display an error code. Click Refresh to get the latest report on status.
Next CRL Issuance
- Issue Date: Displays the date and time of the next scheduled CRL issuance. Click the Date and Time button to set the date and time for the next CRL issuance or click Issue Now to have the CRL issued immediately.
- Repeat Every: Using these two fields, select how often you would like the CRL to be issued. Issuing the CRL frequently increases the chance that your cryptography-enabled applications will detect and reject revoked certificates in a timely manner. However, more frequent issuances put more demands on the system.
- Extend validity by following hour(s): Using this option, the validity of the CRL can be extended. You can enter any value ranging from 1 to 12 hours.
CRL File Name
This field displays where the CRL is physically stored on the host server of the Organizational CA.
CRL Distribution Points
This section lists the CRL Distribution Points this CRL uses. In other words, it lists the various ways the CRL is made available to your cryptography-enabled applications.
- New: Click New to launch a wizard that will help you create new distribution points.
- Edit: Click the name of a distribution point to modify its location.
- Delete: Select a distribution point, then click Delete to remove it from the list.