000020902 - Can KCA configure whether the Invalidity Date extension is included in revocation lists?

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000020902
Applies ToKeon Certificate Authority 6.5
IssueCan KCA configure whether the Invalidity Date extension is included in revocation lists?
CRL contains Invalidity Date extension
CauseBy default, the Invalidity Date extension is included in revocation lists. If you configure a CA to include the extension in its revocation lists, the extension is included in all revocation lists (CRLs, ARLs, and delta CRLs) that CA issues, and is always marked as non-critical.
Resolution
This issue has been corrected in KCA 6.5 build 154. Please contact RSA Security Customer Support and request KCA 6.5 build 154. As a result of this new build, Administrators can configure - on a per-CA basis - whether to include the Invalidity Date extension in revocation lists. This functionality is accessed through a new button labeled "Configure Revocation List Extensions, on the View CA page".
Legacy Article IDa19484

Attachments

    Outcomes