How to fetch a CRL directly from KCA LDAP database
Originally Published: 2002-12-16
Article Number
Applies To
Issue
Resolution
1. To retrieve PEM formatted CRL, you can use the following:
ldap://<KCA-host-name>:<LDAP-port>/md5=<MD5-of-the-CA>?certificaterevocationlist?
2. To retrieve the CRL in binary(DER), the following would work (*** Only when local CRL publishing is enabled):
ldap://<KCA-host-name>:<LDAP-port>/<DN-of-the-CA-cert>?certificaterevocationlist?
For example:
ldap://host.name:389:/c=us,st=ca,l=westerville,o=acme,ou=security,cn=myca?certificaterevocationlist?
Related Articles
SQL Exception in the RSA Identity Governance and Lifecycle UI while saving the workflow after rollback Number of Views Identity Data Unification longer in Step 8/11 Populate Role Metrics in RSA Governance & Lifecycle Number of Views Approval workflow slow or stuck in decision node in RSA Governance & Lifecycle Number of Views In RSA Identity Governance & Lifecycle, a SQL exception error in the UI is encountered when saving Delay node on a Workflow Number of Views Questions on the security of offline authentication data in the RSA SecurID Authentication Agent for Microsoft Windows Number of Views
Trending Articles
RSA Authentication Manager 8.9 Release Notes (January 2026) RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA-2026-07: RSA Authentication Manager Security Update for Third-Party Component Vulnerabilities Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide
Don't see what you're looking for?
