ike crl
Controls how the router handles certificate revocation lists (CRLs) during negotiation of IKE phase 1 signature authentication. The no version returns the CRL setting to the default, optional.
 |
NOTE: This command has been replaced by the ipsec crl command and may be removed completely in a future release. |
ike crl { ignored | optional | required }
- ignored—Allows negotiations to succeed even if a CRL is invalid or the peer's certificate appears in the CRL; this is the most lenient setting
- optional—If the router finds a valid CRL, it uses it; this is the default
- required—Requires a valid CRL; either the certificates belonging to the E-series router or the peer must not appear in the CRL; this is the strictest setting
Global Configuration
Release Information Command introduced before JUNOSe Release 7.1.0.