config certificate crl
Certificate Revocation List as a PEM file.
config certificate crl
Description: Certificate Revocation List as a PEM file.
edit <name>
set crl {user}
set range [global|vdom]
set source [factory|user|...]
set update-vdom {string}
set ldap-server {string}
set ldap-username {string}
set ldap-password {password}
set http-url {string}
set scep-url {string}
set scep-cert {string}
set update-interval {integer}
set source-ip {ipv4-address}
next
end
config certificate crl
Parameter |
Description |
Type |
Size |
|||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
crl |
Certificate Revocation List as a PEM file. |
user |
Not Specified |
|||||||||
range |
Either global or VDOM IP address range for the certificate. |
option |
- |
|||||||||
|
|
|||||||||||
source |
Certificate source type. |
option |
- |
|||||||||
|
|
|||||||||||
update-vdom |
VDOM for CRL update. |
string |
Maximum length: 31 |
|||||||||
ldap-server |
LDAP server name for CRL auto-update. |
string |
Maximum length: 35 |
|||||||||
ldap-username |
LDAP server user name. |
string |
Maximum length: 63 |
|||||||||
ldap-password |
LDAP server user password. |
password |
Not Specified |
|||||||||
http-url |
HTTP server URL for CRL auto-update. |
string |
Maximum length: 255 |
|||||||||
scep-url |
SCEP server URL for CRL auto-update. |
string |
Maximum length: 255 |
|||||||||
scep-cert |
Local certificate for SCEP communication for CRL auto-update. |
string |
Maximum length: 35 |
|||||||||
update-interval |
Time in seconds before the FortiGate checks for an updated CRL. Set to 0 to update only when it expires. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||
source-ip |
Source IP address for communications to a HTTP or SCEP CA server. |
ipv4-address |
Not Specified |