A certificate revocation list (CRL) is a list of subscribers and their certificate status. When a potential user attempts to access a server, the server denies access based on the CRL entry for that particular user. This topic describes how to import a CRL into the NSX Manager.
- PEM-encoded X.509 CRL - 40 MB maximum size, 500,000 entries
- Mozilla OneCRL - 5 MB maximum size, 10,000 entries
- Revoked certificates and the reasons for revocation
- Dates the certificates are issued
- Entities that issued the certificates
- Proposed date for the next release
Verify that a CRL is available.
- With admin privileges, log in to NSX Manager.
- Select .
- Click the CRLs tab.
- To browse the default_public_crl file, expand that row and click View Details.
You can view the Issuer Name and Serial Numbers details.
- To import a CRL, click Import and add the CRL details.
Option Description Name Assign a name to the CRL. CRL Bundle
Browse for your PEM or JSON files and select the file for import.
Description Enter a summary of what is included in this CRL.
- Click Save.
The imported CRL appears as a link.