Example—Pasting a CRL Into the Local certrldb Database (IPsec and IKE Administration Guide)

IPsec and IKE Administration Guide

Previous: How to Configure IKE With Public Keys Signed by a Certificate Authority
Next: How to Use the Sun Crypto Accelerator 1000 Card With IKE

Example—Pasting a CRL Into the Local `certrldb` Database

The example shows how to use a CRL that is not available from a central distribution point.

If your organization's certificate does not contain a central distribution point, you can add the organization's CRL manually to the local crls database. You follow the organization's instructions for extracting the CRL, then add the CRL to the database with the ikecert certrldb –a command.

# ikecert certrldb -a<Type the Return key>
<Paste the CRL from the PKI organization.>

<Type the Return key.>
<Type <Control-D> to enter the CRL into the database.>

Previous: How to Configure IKE With Public Keys Signed by a Certificate Authority
Next: How to Use the Sun Crypto Accelerator 1000 Card With IKE