[Pki-users] Publishing CRL on Certs
Marc Sauton
msauton at redhat.com
Sat Dec 10 22:26:28 UTC 2016
It is called "CRL publishing" (to file), and there are a few configuration
steps all in the "main" configuration file called CS.cfg (e.g.
/etc/pki/pki-ca1from80/ca/CS.cfg)
stop the CA before any manual edits (need to know what to change), or use
the pkiconsole UI to make changes.
It may seem a little bit confusing at first, but the system is flexible,
with the components called "mappers, publishers, and rules".
I will refer to the online documentation for the details and examples:
You can have one CRL, CRL issuing points, delta CRLs.
http://pki.fedoraproject.org/wiki/CRL_Publishing
https://access.redhat.com/documentation/en-US/Red_Hat_Certificate_System/9/html/Administration_Guide/Publishing.html
https://access.redhat.com/documentation/en-US/Red_Hat_Certificate_System/9/html/Administration_Guide/Configuring_Publishers_for_Publishing_to_a_File.html
and
https://access.redhat.com/site/solutions/400253
Red Hat Certificate System CRL publishing to file
Thanks,
M.
On Sat, Dec 10, 2016 at 1:22 AM, Rafael Leiva-Ochoa <spawn at rloteck.net>
wrote:
> Hi Everyone,
>
> What configuration file on my Dogtag CA Server do I modify to publish
> the CRL. And what change do I put on it. I only see the OSCP link on
> certificates I generate or approve. Any help would be great.
>
> Thanks,
>
> Rafael
>
> _______________________________________________
> Pki-users mailing list
> Pki-users at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-users/attachments/20161210/195fd0f7/attachment.htm>
More information about the Pki-users
mailing list