crl
crl { ignored | optional | required }
Syntax
no crl
Command introduced before JUNOSe Release 7.1.0.
Release Information
Controls how the router checks certificate revocation lists (CRLs) when determining
Description
whether to accept a peer's certificates. The no version restores the default setting.
Options
IPSec CA Identity Configuration
Mode
ignored Specifies that the router will not try to find or use CRLs
optional Specifies that the router will try to find a CRL. If a CRL is found, the
peer certificate must not appear in the CRL. If no CRL is found, the peer can still
authenticate; this is the default.
required Specifies that the router must find a valid CRL; the CRL must be current,
and the peer certificate must not appear in the CRL
Chapter 4: C Commands
473
crl