CRL Distribution Point objects used for configuring a local CA
Originally Published: 2003-02-03
Article Number
Applies To
Microsoft Windows
UNIX (AIX, HP-UX, Solaris)
Issue
Resolution
Create a local CA with a Custom CA profile allows the administrator to highlight the 'CRL Distribution Points' extension from the available extensions listing. During the CA Certificates Extensions Values configuration a specifed number of DistributionPoint objects can be configured for the cRLDistPoints option. There are three types of DistributionPoint object; distributionPoint, reasons, cRLIssuer.
A cRLIssuer DistributionPoint object has a maximum of eight CRLIssuer objects available; otherName, rfc822Name, dNSName, directoryName, editPartyName, uRL, IPAddress and registeredID.
- otherName requires an OID type-id and value
- directoryName requires a number of RelativeDistinguishedName to be defined
RelativeDistinguishedName attributes available for usage in the directoryName configuration;
- commonName
- countryName
- localityName
- stateOrProvinceName
- organizationName
- organizationalUnitName
- title
- pkcs9email
- postalAddress
- pseudonym
- dateOfBirth
- placeOfBirth
- gender
- countryOfCitizenship
- countryOfResidence
For more information on supported DistributionPoint objects, see the solution regarding Which CRL entry extensions are used and supported?
Related Articles
How to set up a CRL Distribution Point in a certificate during certificate manual approval Number of Views Invalid CRL Distribution Point in certificate Number of Views CRL Distribution Point (CRLdp) causes URLs to fail in RSA Certificate Manager Number of Views Authentication Manager How to Retrieve the LDAPS Certificate and Configure an External Identity Source to Use LDAPS Number of Views How to create and configure certificates for HTTPS access when using intermediate CA certs in RSA Identity Governance & Li… Number of Views
Trending Articles
Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory Mandatory Certificate Upgrade Required by 6th October 2025 for RSA MFA Agent for PAM, RSA MFA Agent for Apache, and Third … RSA Authentication Manager 8.9 Release Notes (January 2026)
Don't see what you're looking for?
