A Certificate Revocation List (CRL) is a list of subscribers and their status, which is provided and signed by Microsoft.

The list contains the following items:

  • The revoked certificates and the reasons for revocation

  • The dates that the certificates are issued

  • The entities that issued the certificates

  • A proposed date for the next release

When a potential user attempts to access a server, the server allows or denies access based on the CRL entry for that particular user.


  1. Log in to the vSphere Web Client.
  2. Click Networking & Security and then click NSX Edges.
  3. Double-click an NSX Edge.
  4. Click the Manage tab and then ensure that you are in the Settings tab.
  5. Click Certificates.
  6. Click the Add (add icon) icon and select CRL.
  7. In Certificate contents, paste the list.
  8. (Optional) Type a description.
  9. Click OK.