How to fetch a CRL directly from KCA LDAP database
Originally Published: 2002-12-16
Article Number
Applies To
Issue
Resolution
1. To retrieve PEM formatted CRL, you can use the following:
ldap://<KCA-host-name>:<LDAP-port>/md5=<MD5-of-the-CA>?certificaterevocationlist?
2. To retrieve the CRL in binary(DER), the following would work (*** Only when local CRL publishing is enabled):
ldap://<KCA-host-name>:<LDAP-port>/<DN-of-the-CA-cert>?certificaterevocationlist?
For example:
ldap://host.name:389:/c=us,st=ca,l=westerville,o=acme,ou=security,cn=myca?certificaterevocationlist?
Related Articles
Workflow Policy Number of Views Generic REST Collector ignores the Response Timeout Setting configured in the Collector Definition in RSA Identity Governa… Number of Views Error "java.lang.NullPointerException" when pressing on Finish button to update a Generic REST EDC in RSA Governance & Lif… Number of Views Generic REST Collector fails with 'jsonpath.PathNotFoundException:Missing property in path $['members']' error collecting … Number of Views AFX is unresponsive and one or more AFX Connectors are in a Not Deployed state in RSA Identity Governance & Lifecycle Number of Views
Trending Articles
An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x RSA Authentication Manager 8.9 Release Notes (January 2026) RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager Upgrade Process
Don't see what you're looking for?
