-
Notifications
You must be signed in to change notification settings - Fork 145
PKI Server CA CRL Issuing Point CLI
Endi S. Dewata edited this page Jun 26, 2025
·
1 revision
The pki-server ca-crl-ip-* commands provide an interface to manage CRL issuing points in CA.
Availability: Since PKI 11.5.
$ pki-server ca-crl-ip-find ID: MasterCRL Description: CA's complete Certificate Revocation List Class: com.netscape.ca.CRLIssuingPoint Enable: true
$ pki-server ca-crl-ip-show MasterCRL ID: MasterCRL Description: CA's complete Certificate Revocation List Class: com.netscape.ca.CRLIssuingPoint Enable: true Allow Extensions: true Always Update: false Auto Update Interval (minutes): 240 CA Certs Only: false Cache Update Interval (minutes): 15 Unexpected Exception Wait Time (minutes): 30 Unexpected Exception Loop Max: 10 Daily Updates: 1:00 Enable CRL Cache: true Enable CRL Updates: true Enable Cache Testing: false Enable Cache Recovery: true Enable Daily Updates: true Enable Update Interval: true Extended Next Update: true Include Expired Certs: false Min Update Interval (minutes): 0 Next Update Grace Period (minutes): 0 Publish On Start: false Save Memory: false Signing Algorithm: SHA256withRSA Update Schema: 1
$ pki-server ca-crl-ip-mod \
--desc "Master CRL" \
--class com.example.ca.CRLIssuingPoint \
--enable false \
-D alwaysUpdate=true \
-D autoUpdateInterval=5 \
MasterCRL
|
Tip
|
To find a page in the Wiki, enter the keywords in search field, press Enter, then click Wikis. |