1. Administrative Security Guide
  2. Configuring IKEv2 Interfaces
  3. Certificate Revocation Lists
  4. CRL-Based Certificate Verification

CRL-Based Certificate Verification

This section provides instruction on using the ACLI to configure periodic retrieval of CRLs.

Configuration of CRL-based certificate verification is a three-step process.

  1. Specify the information and cryptological resources required to access one or more CRL sources.
  2. If not already done, enable CRL usage on an IKEv2 interface.
  3. Associate one or more CRLs with an IKEv2 interface.