VPN > CA Certificates
Certificate Revocation List (CRL)
A Certificate Revocation List (CRL) is a way to check the validity of an existing certificate. A certificate may be invalid for several reasons:
•It is no longer needed.
•A certificate was stolen or compromised.
•A new certificate was issued that takes precedence over the old certificate.
If a certificate is invalid, the CA may publish the certificate on a Certificate Revocation List at a given interval, or on an online server in a X.509 v3 database using Online Certificate Status Protocol (OCSP). Consult your CA provider for specific details on locating a CRL file or URL.
You can import the CRL by manually downloading the CRL and then importing it into the SonicWALL. You can also enter the URL location of the CRL by entering the address in the Enter CRL’s location (URL) for
Importing a CRL List
To import a CRL list, follow these steps:
1Click Browse for Please select a file to import.
2Locate the PKCS#12 (*.p12) or Micorosft (*.pfx) encoded file.
3Click Open to set the directory path to the certificate.
4Click Import to import the certificate into the SonicWALL.
Automatic CRL Update
To enable automatic CRL updates to the SonicWALL, type the URL of the CRL server for your CA service in the Enter CRL’s location (URL) for
SONICWALL SONICOS STANDARD 3.0 ADMINISTRATOR’S GUIDE | 245 |