How to fetch a CRL directly from KCA LDAP database
Originally Published: 2002-12-16
Article Number
Applies To
Issue
Resolution
1. To retrieve PEM formatted CRL, you can use the following:
ldap://<KCA-host-name>:<LDAP-port>/md5=<MD5-of-the-CA>?certificaterevocationlist?
2. To retrieve the CRL in binary(DER), the following would work (*** Only when local CRL publishing is enabled):
ldap://<KCA-host-name>:<LDAP-port>/<DN-of-the-CA-cert>?certificaterevocationlist?
For example:
ldap://host.name:389:/c=us,st=ca,l=westerville,o=acme,ou=security,cn=myca?certificaterevocationlist?
Related Articles
Workflow Policy Number of Views Generic REST Collector ignores the Response Timeout Setting configured in the Collector Definition in RSA Identity Governa… Number of Views Error "java.lang.NullPointerException" when pressing on Finish button to update a Generic REST EDC in RSA Governance & Lif… Number of Views Generic REST Collector fails with 'jsonpath.PathNotFoundException:Missing property in path $['members']' error collecting … Number of Views AFX is unresponsive and one or more AFX Connectors are in a Not Deployed state in RSA Identity Governance & Lifecycle Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.7 SP2 Setup and Configuration Guide An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x
Don't see what you're looking for?
