How to fetch a CRL directly from KCA LDAP database
Originally Published: 2002-12-16
Article Number
Applies To
Issue
Resolution
1. To retrieve PEM formatted CRL, you can use the following:
ldap://<KCA-host-name>:<LDAP-port>/md5=<MD5-of-the-CA>?certificaterevocationlist?
2. To retrieve the CRL in binary(DER), the following would work (*** Only when local CRL publishing is enabled):
ldap://<KCA-host-name>:<LDAP-port>/<DN-of-the-CA-cert>?certificaterevocationlist?
For example:
ldap://host.name:389:/c=us,st=ca,l=westerville,o=acme,ou=security,cn=myca?certificaterevocationlist?
Related Articles
AFX is unresponsive and one or more AFX Connectors are in a Not Deployed state in RSA Identity Governance & Lifecycle Number of Views How to collect RAID logs using Intel RAID CmdTool2 for the RSA SecurID A250 Intel-based Hardware Appliances S2600GZ/GL Number of Views 'One or more attributes used in Join Condition has duplicate values' error during unification in RSA Identity Governance &… Number of Views Active Directory Account Collector fails with 'Naming Exception happened' in RSA Identity Governance & Lifecycle Number of Views When approval activities are grouped by category, they auto-complete when one of the items is rejected in RSA Identity Gov… Number of Views
Trending Articles
Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory RSA Authentication Manager 8.9 Release Notes (January 2026) Artifacts to gather in RSA Identity Governance & Lifecycle RSA Governance & Lifecycle 8.0.0 Administrators Guide RSA Governance & Lifecycle 8.0.0 Installation Guide
Don't see what you're looking for?
