pki crlconfig
PKI CRL configuration.
SYNTAX:
pki crlconfig
where:
checking_enabled
use_expired_crls
dist_point1
fetch_dynamically
check_cert_extension
time_checking
net_timeout
http_proxy_address
http_proxy_port
716
[checking_enabled = <{disabled|enabled}>]
[use_expired_crls = <{disabled|enabled}>]
[dist_point1 = <quoted string>]
[fetch_dynamically = <{disabled|enabled}>]
[check_cert_extension = <{disabled|enabled}>]
[time_checking = <{disabled|enabled}>]
[net_timeout = <number>]
[http_proxy_address = <ip-address>]
[http_proxy_port = <number>]
Enable/Disable CRL checking.
Allow certs with expired CRL entries.
The URI to fetch CRL's from. The URI must
contain the IP address of the LDAP or HTTP
server.
Enable/Disable dynamic CRL retrieval.
Look for crlDistributionPoint extension.
Enable/Disable the handling of time restrictions.
Define maximum retry period in seconds to
connect to external servers.
IP address of HTTP proxy to use for CRL
retrieval. All zero means no proxy.
HTTP proxy port. All zero means no proxy port.
pki Commands
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20080409-0002 v2.0