How to fetch a CRL directly from KCA LDAP database
Originally Published: 2002-12-16
Article Number
Applies To
Issue
Resolution
1. To retrieve PEM formatted CRL, you can use the following:
ldap://<KCA-host-name>:<LDAP-port>/md5=<MD5-of-the-CA>?certificaterevocationlist?
2. To retrieve the CRL in binary(DER), the following would work (*** Only when local CRL publishing is enabled):
ldap://<KCA-host-name>:<LDAP-port>/<DN-of-the-CA-cert>?certificaterevocationlist?
For example:
ldap://host.name:389:/c=us,st=ca,l=westerville,o=acme,ou=security,cn=myca?certificaterevocationlist?
Related Articles
Workflow Policy Number of Views AFX is unresponsive and one or more AFX Connectors are in a Not Deployed state in RSA Identity Governance & Lifecycle Number of Views How to collect RAID logs using Intel RAID CmdTool2 for the RSA SecurID A250 Intel-based Hardware Appliances S2600GZ/GL Number of Views 'One or more attributes used in Join Condition has duplicate values' error during unification in RSA Identity Governance &… Number of Views When approval activities are grouped by category, they auto-complete when one of the items is rejected in RSA Identity Gov… Number of Views
Trending Articles
Troubleshooting RSA SecurID Access Identity Router to RSA Authentication Manager test connection failures RSA SecurID Software Token 5.0.2 Downloads for Microsoft Windows RSA Authentication Manager 8.9 Release Notes (January 2026) Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory RSA Authentication Manager 8.8 Setup and Configuration Guide
Don't see what you're looking for?
