A Certificate revocation list (CRL) is a list of subscribers and their certificate status. When a potential user attempts to access a server, the server denies access based on the CRL entry for that particular user.
The list contains the following items:
- Revoked certificates and the reasons for revocation
- Dates the certificates are issued
- Entities that issued the certificates
- Proposed date for the next release
Verify that a CRL is available.
- From your browser, log in with admin privileges to an NSX Manager at https://nsx-manager-ip-address.
- Select from the navigation panel.
- Click the CRLS tab.
- Click Import and add the CRL details.
Option Description Name Assign a name to the CRL. Certificate Contents
Copy all of the items in the CRL and paste them in this section.A sample CRL.
-----BEGIN X509 CRL----- MIIBODCB4zANBgkqhkiG9w0BAQQFADBgMQswCQYDVQQGEwJBVTEMMAoGA1UECBMD UUxEMRkwFwYDVQQKExBNaW5jb20gUHR5LiBMdGQuMQswCQYDVQQLEwJDUzEbMBkG A1UEAxMSU1NMZWF5IGRlbW8gc2VydmVyFw0wMTAxMTUxNjI2NTdaFw0wMTAyMTQx NjI2NTdaMFIwEgIBARcNOTUxMDA5MjMzMjA1WjASAgEDFw05NTEyMDEwMTAwMDBa MBMCAhI0Fw0wMTAxMTUxNjE5NDdaMBMCAhI1Fw0wMTAxMTUxNjIzNDZaMA0GCSqG SIb3DQEBBAUAA0EAHPjQ3M93QOj8Ufi+jZM7Y78TfAzG4jJn/E6MYBPFVQFYo/Gp UZexfjSVo5CIyySOtYscz8oO7avwBxTiMpDEQg== -----END X509 CRL--
Description Enter a summary of what is included in this CRL.
- Click Save.
The imported CRL appears as a link.