000026036 - How to set the CRLdp certificate extension to point to specific Web server to retrieve the CRL

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000026036
Applies ToKeon Certificate Authority 6.5.1
IssueHow to set the CRLdp certificate extension to point to specific Web server to retrieve the CRL
ResolutionBelow is an example of a custom certificate profile which sets the CRL to specific URL of a external Web server. See the KCA documentation on Custom Certificate Profiles for more information on this feature.

{
  name : 'CRL Distribution Points',
  type : 'mandatory',
  autogenerate : false,
  noncritical : {
    def : false,
    editable : true,
    visible : true,
    type : 'mandatory'
  },
  cRLDistPointsSyntax : {
    def : 1,
    min : 1,
    max : 10,
    visible : true,
    editable : true,
    type : 'mandatory',
    elements : [
      {
        editable : true,
        visible : true,
        type : 'optional',
        distributionPoint : {
          def : 'fullName',
          editable : true,
          visible : true,
          type : 'mandatory',
          value : {
            min : 1,
            max : 10,
            def : 1,
            editable : true,
            visible : true,
            elements : [
              {
                def : 'uRI',
                editable : true,
                visible : true,
                type : 'mandatory',
                value : {
                  def : 'http://crl.something.com/mycamd5.crl',
                  editable : true,
                  visible : true,
                  type : 'mandatory',
                  validator : 'extCheckGenName(this)'
                }
              }
            ]
          }
        }
      }
    ]
  }
}
Legacy Article IDa22753

Attachments

    Outcomes