Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


actions (Services SSL Initiation)


Hierarchy Level


Specify the certification revocation checks and traffic related actions for configuring SSL initiation support service. As a part of SSL initiation profile, you can specify actions related to certification revocations checks and chose an option to ignore certificate validation, root CA expiration dates, and other such issues based on your requirements. Commonly ignored errors include the inability to verify CA signature, incorrect certificate expiration dates, and so forth. We do not recommend using this option for authentication because configuring it results in websites not being authenticated at all.


  • crl—Specify the certificate revocation actions.

    • disable—Disable CRL verification.

    • if-not-present—Specify actions for sessions.

      • allow—Allow sessions when CRL information is not available.

      • drop—Drop sessions when CRL information is not available.

    • ignore-hold-instruction-code—Ignore the unconfirmed (on hold) revocation status, and accept a certificate.

  • ignore-server-auth-failure—Ignore server authentication failure.

Required Privilege Level

services—To view this statement in the configuration.

services-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 12.1X44-D10.