 | Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |
A certificate revocation list (CRL) contains a list of digital certificates that have been canceled before their expiration date. When a participating peer uses a digital certificate, it checks the certificate signature and validity. It also acquires the most recently issued CRL and checks that the certificate serial number is not on that CRL.
To configure the CA certificate revocation list, include the crl statement and specify the file from which to read the CRL at the [edit security certificates certification-authority ca-profile-name] hierarchy level:
- [edit security certificates certification-authority ca-profile-name]
-
crl filename;
| Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |