[Contents] [Prev] [Next] [Index] [Report an Error]

revocation-check

Syntax



revocation-check {
disable;



crl {
refresh-interval number-of-hours;


url {

url-name;
}


}


}

Hierarchy Level



[edit security pki ca-profile ca-profile-name]

Release Information

Statement introduced in JUNOS Release 8.1.

Description

Specify the method to verify revocation status of digital certificates for J-series Services Routers and Adaptive Services (AS) and MultiServices PICs installed in M-series and T-series routing platforms.

Options

disable—Disable verification of status of digital certificates.
crl—Only certificate revocation list (CRL) is supported. A CRL is a time-stamped list identifying revoked certificates, which is signed by a CA and made available to the participating IPSec peers on a regular periodic basis. By default, crl is enabled.
The remaining statements are explained separately.

Usage Guidelines

See Configuring the Certificate Revocation List.

Required Privilege Level

admin—To view this statement in the configuration.

admin-control—To add this statement to the configuration.

[Contents] [Prev] [Next] [Index] [Report an Error]