How Local User Authentication Works: RADIUS, Privilege Groups and X.509 Certificates
Certificate Revocation Lists (CRLs) are continuously updated by the issuing Certificate Authority. To maintain the integrity of the CA Certificates, use the X.509 CA Certificate Details page to import and maintain the CRL used to validate the CA Certificate. From this page you can:
•View the certificate details
•Import a Certificate Revocation List (CRL) for the CA Certificate
•Configure automatic update of the CRL.
The following figure shows the X.509 CA Certificate Details page.
Figure
The X.509 CA Certificate page provides the following information:
Table
Detail | Description |
|
|
|
|
Certificate Name | Name of the CA certificate. |
|
|
Certificate Authority | The Distinguished Name of the Certificate Authority for this CA certificate. |
|
|
Distinguished Name | The Subject Distinguished Name entered when creating the request for this |
| certificate on the Create Certificate Requests page. |
|
|
Certificate Serial Number | Serial number of this CA Certificate, shown in |
| format. |
|
|
Valid From | The start date of this CA Certificate, shown in the format <month> <day> |
| <hour>:<min>:<sec> <year> <timezone>. |
|
|
Expires On | The end date of this CA Certificate, shown in the format <month> <day> |
| <hour>:<min>:<sec> <year> <timezone>. |
|
|
CRL Expiry | Either the expiration date of the CRL associated with this CA Certificate, |
| shown in the format <month> <day> <hour>:<min>:<sec> <year> |
| <timezone>, or No CRL loaded if the user has not configured a CRL for |
| the CA Certificate. |
|
|
X Family LSM User’s Guide V 2.5.1 | 259 |
|
|