A certificate revocation list (CRL) is a list of subscribers and their certificate status. When a potential user attempts to access a server, the server denies access based on the CRL entry for that particular user.
The list contains the following items:
- Revoked certificates and the reasons for revocation
- Dates the certificates are issued
- Entities that issued the certificates
- Proposed date for the next release
Prerequisites
Verify that a CRL is available.
Procedure
- From your browser, log in with admin privileges to an NSX Manager at https://<nsx-manager-ip-address>.
- Select .
- Click the CRLs tab.
- Click Import and add the CRL details.
Option Description Name Assign a name to the CRL. Certificate Contents Copy all of the items in the CRL and paste them in this section.
A sample CRL.-----BEGIN X509 CRL----- MIIBODCB4zANBgkqhkiG9w0BAQQFADBgMQswCQYDVQQGEwJBVTEMMAoGA1UECBMD UUxEMRkwFwYDVQQKExBNaW5jb20gUHR5LiBMdGQuMQswCQYDVQQLEwJDUzEbMBkG A1UEAxMSU1NMZWF5IGRlbW8gc2VydmVyFw0wMTAxMTUxNjI2NTdaFw0wMTAyMTQx NjI2NTdaMFIwEgIBARcNOTUxMDA5MjMzMjA1WjASAgEDFw05NTEyMDEwMTAwMDBa MBMCAhI0Fw0wMTAxMTUxNjE5NDdaMBMCAhI1Fw0wMTAxMTUxNjIzNDZaMA0GCSqG SIb3DQEBBAUAA0EAHPjQ3M93QOj8Ufi+jZM7Y78TfAzG4jJn/E6MYBPFVQFYo/Gp UZexfjSVo5CIyySOtYscz8oO7avwBxTiMpDEQg== -----END X509 CRL--
Description Enter a summary of what is included in this CRL. - Click Import.
Results
The imported CRL appears as a link.