Cisco Systems OL-16647-01 Network Router User Manual


Cisco ASDM User Guide
OL-16647-01
Chapter 33 Configuring Certificates
CA Certificate Authentication
The following panels are the tab-selectable displays that address CA certificate configuration specifics.
Each tabbed display is summarized in the following list:
Revocation Check—The Revocation Check panel lets you choose or reject revocation checking, specify
a method of revocation checking (CRL or OCSP), and ignore revocation-checking errors
when validating a certificate. For details of the Revocation Check panel, see Revocation Check
Configuration.
CRL Retrieval Policy—The CRL Retrieval Policy panel allows you to configure use of the CRL
distribution point and/or static CRL URLs, with capabilities to add, edit, and delete static CRL URLs.
For details, see CRL Retrieval Policy Configuration.
CRL Retrieval Method—The CRL Retrieval Method panel allows you to choose Lightweight Directory
Access Protocol (LDAP), HTTP, or Simple Certificate Enrollment Protocol (SCEP) as the method to be
used for CRL retrieval. For the LDAP method, you can configure the LDAP parameters and security. See
CRL Retrieval Method Configuration.
OCSP Rules—Online Certificate Status Protocol (OCSP) is used for obtaining revocation status of an
X.509 digital certificate and is an alternative to certificate revocation lists (CRL). For details, see OCSP
Rules Configuration.
Advanced—The Advanced panel allows you to set up CRL update parameters, OCSP parameters, and
certificate acceptance and validation parameters. See Advanced Configuration Options.
Revocation Check Configuration
With the Revocation Check Edit Option panel, you can specify degrees of user certificate revocation
checking as follows:
No Revocation Checking - Click the Do not check certificates for revocation button to disable
revocation checking of certificates.
Revocation Checking Method(s) - Click the Check certificates for revocation button to select one or more
revocation checking methods. Available methods display on the left; use the Add button to move a
method to the right.
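
The following is an added example, not part of the Cisco guide and not the appliance's implementation: a small Python model of how the Revocation Check options described above (no checking, one or more methods, ignoring revocation-checking errors) change the outcome for a revoked certificate. It assumes the selected methods are tried in the order listed and that only a retrieval failure moves on to the next method; the function names, serial number, and responders are constructed for illustration.

```python
from enum import Enum

class Status(Enum):
    GOOD = "good"
    REVOKED = "revoked"
    UNAVAILABLE = "unavailable"  # CRL or OCSP responder could not be reached or parsed

def validate(serial, methods, responders, ignore_errors=False):
    """Return (accepted, reason) for one certificate serial number.

    methods       -- ordered list such as ["crl", "ocsp"]; empty means no checking
    responders    -- dict mapping method name to callable(serial) -> Status
    ignore_errors -- models the "ignore revocation-checking errors" option
    """
    if not methods:
        return True, "revocation checking disabled"
    for name in methods:
        status = responders[name](serial)
        if status is Status.REVOKED:
            return False, f"revoked per {name}"
        if status is Status.GOOD:
            return True, f"good per {name}"
        # UNAVAILABLE: assumed to fall through to the next selected method
    if ignore_errors:
        return True, "no status obtained, errors ignored (fail-open)"
    return False, "no status obtained (fail-closed)"

# Constructed sample data: one revoked serial and simulated responders.
REVOKED_SERIALS = {"0A1B"}

def crl_down(serial):
    return Status.UNAVAILABLE

def ocsp_up(serial):
    return Status.REVOKED if serial in REVOKED_SERIALS else Status.GOOD

def ocsp_down(serial):
    return Status.UNAVAILABLE

def demo():
    up = {"crl": crl_down, "ocsp": ocsp_up}
    down = {"crl": crl_down, "ocsp": ocsp_down}
    return [
        validate("0A1B", [], up),                                     # checking disabled
        validate("0A1B", ["crl", "ocsp"], up),                        # OCSP answers
        validate("0A1B", ["crl", "ocsp"], down),                      # nothing reachable
        validate("0A1B", ["crl", "ocsp"], down, ignore_errors=True),  # errors ignored
    ]

if __name__ == "__main__":
    for accepted, reason in demo():
        print("ACCEPT" if accepted else "REJECT", "-", reason)
```

In this model the revoked certificate is accepted in the first and last cases, which is why disabling checking or ignoring errors should be paired with monitoring of CRL and OCSP reachability.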