Administration Console Online Help

Previous Next Open TOC in new window
Content starts here

Customize the domain-wide CRL settings

Before you begin

A certificate revocation list (CRL) is a time-stamped list of digital certificates that have been revoked by the certificate authority (CA) that issued them. Each CRL is signed by a CA and made freely available in a public repository.

When configuring certificate revocation checking in a WebLogic domain, you can customize the following CRL settings:

To customize the CRL configuration in WebLogic Server:

  1. If you have not already done so, in the Change Center of the Administration Console, click Lock & Edit (see Use the Change Center).
  2. In the left pane of the Console, under Domain Structure, select the domain name.
  3. Select Security > SSL Certificate Revocation Checking > CRL.
  4. Customize one or more of the following:
    • To enable the CRL updates from distrubution points, select the Enable Updates from Distribution Points check box. (Distribution point updates are enabled by default.)
    • To customize the CRL cache refresh, click Advanced, and specify the Cache Refresh Period (percent).
    • To customize the CRL download timeout setting, click Advanced, and specify the Distribution Point Download Timeout (seconds).
  5. Click Save.
  6. In the Change Center, click Activate Changes. If automatic realm restart is enabled in the default realm, you do not need to restart WebLogic Server for changes to go into effect.

Back to Top