Crl Update-Period - H3C S5120-SI Series Command Reference Manual
Hide thumbs
Also See for S5120-SI Series:
- Configuration manual (745 pages) ,
- Operation manual (697 pages) ,
- Command reference manual (209 pages)
Table of Contents
Advertisement
Parameters
disable: Disables CRL checking.
enable: Enables CRL checking.
Description
Use the crl check command to enable or disable CRL checking.
By default, CRL checking is enabled.
CRLs are files issued by the CA to publish all certificates that have been revoked. Revocation of a
certificate may occur before the certificate expires. CRL checking is intended for checking whether a
certificate has been revoked. A revoked certificate is no longer trusted.
Examples
# Disable CRL checking.
<Sysname> system-view
[Sysname] pki domain 1
[Sysname-pki-domain-1] crl check disable
crl update-period
Syntax
crl update-period hours
undo crl update-period
View
PKI domain view
Default Level
2: System level
Parameters
hours: CRL update period in hours, in the range 1 to 720.
Description
Use the crl update-period command to set the CRL update period, that is, the interval at which a PKI
entity with a certificate downloads the latest CRL from the LDAP server.
Use the undo crl update-period command to restore the default.
By default, the CRL update period depends on the next update field in the CRL file.
Examples
# Set the CRL update period to 20 hours.
<Sysname> system-view
[Sysname] pki domain 1
[Sysname-pki-domain-1] crl update-period 20
1-8
Advertisement
Chapters
Table of Contents
