Installing And Managing Crls And Ckls; Installing A Local Crl Or Ckl - Netscape ENTREPRISE SERVER 6.1 - 04-2002 ADMINISTRATOR Administrator's Manual

Installing and Managing CRLs and CKLs

Installing and Managing CRLs and CKLs
Certificate revocation lists (CRLs) and compromised key lists (CKLs) make known
any certificates and keys that either client or server users should no longer trust. If
data in a certificate changes, for example, a user changes offices or leaves the
organization before the certificate expires, the certificate is revoked, and its data
appears in a CRL. If a key is tampered with or otherwise compromised, the key and
its data appear in a CKL. Both CRLs and CKLs are produced and periodically
updated by a CA.

Installing a Local CRL or CKL

To install a local CRL or CKL from a CA, perform the following steps:
Obtain the URL provided by the CA for downloading CRLs or CKLs.
1.
Enter the URL in your browser to access the site.
2.
Follow the instructions provided by the CA for downloading the CRL or CKL
3.
to a local directory.
Access either the Enterprise Server Administration Server or the Server
4.
Manager and choose the Security tab.
For the Server Manager you must first select the server instance from the
drop-down list.
Click the Install Local CRL/CKLs link.
5.
Select either:
6.
Enter the full path name to the associated file.
7.
Click OK.
8.
102 Netscape Enterprise Server Administrator's Guide • April 2002 (Draft)
Certificate Revocation List
Compromised Key List
If you selected Certificate Revocation List, the Add Certificate Revocation
List page will appear listing CRL information.