Manage Users, Authentication, and VPN Certificates
320
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
Manage the VPN Certificate Revocation List
A Certificate Revocation List (CRL) file shows digital certificates that have been revoked and
are no longer valid. Each CA issues its own CRLs. It is important that you keep your CRLs
up-to-date. You should obtain the CRL for each CA regularly.
To view the currently loaded CRLs and upload a new CRL:
1. Select VPN > Certifica
tes. The Certificates screen displays. The following figure shows
the bottom section of the screen with the Certificate Revocation Lists (CRL) table.
(There is one example certificate in the table.)
Figure 212. Certificates, screen 3 of 3
The Certificate Revocation Lists (CRL) table lists the active CAs and their critical release
dates:
• CA I
dentity. The official name of the CA that issued the CRL.
• Last Up
date. The date when the CRL was released.
• Next Up
date. The date when the next CRL will be released.
2. In
the Upload CRL section, click the Browse button and navigate to the CLR file that you
previously downloaded from a CA.
3. Click the Upload t
able button. If the verification process on the VPN firewall approves the
CRL, the CRL is added to the Certificate Revocation Lists (CRL) table.
Note: If the table already contains a CRL from the same CA, the old CRL
is deleted when you upload the new CRL.
To delete one or more CRLs:
1. In the Cert
ificate Revocation Lists (CRL) table, select the check box to the left of each
CRL that you want to delete, or click the Select All table button to select all CRLs.
2. Click the Delete t
able button.