Filter
Top Products
2049
<Sysname> system-view
[Sysname] pki entity 1
[Sysname-pki-entity-1] country CN
crl check
Syntax crl check { disable | enable }
View PKI domain view
Parameter disable: Disables CRL checking.
enable: Enables CRL checking.
Description Use the
crl check command to enable or disable CRL checking.
By default, CRL checking is enabled.
CRLs are files issued by the CA to distribute all certificates have been revoked.
Revocation of a certificate may occur before the certificate expires. CRL checking is
intended for checking whether a certificate has been revoked. A revoked
certificate is no longer trusted.
Example # Disable CRL checking.
<Sysname> system-view
[Sysname] pki domain 1
[Sysname-pki-domain-1] crl check disable
crl update-period
Syntax crl update-period hours
undo crl update-period
View PKI domain view
Parameter hours: CRL update period, in the range 1 to 720 hours.
Description Use the
crl update-period command to set the CRL update period, that is, the
interval at which the PKI entity downloads the latest CRL.
Use the
undo crl update-period command to restore the default.
By default, the CRL update period depends on the next update field in the CRL
file.
The CRL update period is the interval at which a PKI entity with a certificate
downloads a CRL from LDAP server.