Setting The Certificate Revocation List (Crl) Configuration - Motorola WiNG 5 System Reference Manual

5.3.6.3 Setting the Certificate Revocation List (CRL) Configuration


Profile Security Configuration
A certificate revocation list (CRL) is a list of certificates that have been revoked or are no longer valid. A certificate can be
revoked if the certificate authority (CA) had improperly issued a certificate, or if a private-key is compromised. The most
common reason for revocation is the user no longer being in sole possession of the private key.
To define a CRL configuration that can be applied to a profile:
1. Select the Configuration
2. Select Devices.
3. Select System Profile
4. Expand the Security
5. Select the + Add Row
to quarantine certificates from use in the network.
Additionally, a certificate can be placed on hold for a user defined period. If, for instance, a private key was found and
nobody had access to it, its status could be reinstated.
6. Provide the name of the trustpoint in question within the
characters.
7. Enter the resource ensuring the trustpoint's legitimacy within the
8. Use the spinner control to specify an interval (in hours) after which a device copies a CRL file from an external server
and associates it with a trustpoint.
9. Select OK to save the changes made within the Certificate Revocation screen. Select
configuration.
tab from the Web UI.
from the options on left-hand side of the UI.
menu and select Certificate
Figure 5-60 Security Certificate Revocation screen
button to add a column within the
Revocation.
Certificate Revocation List (CRL) Update Interval
Trustpoint Name field. The name cannot exceed 32
URL field.
Device Configuration 5 - 113
Reset to revert to the last saved
table