Supported Platforms
Related Documentation
crl (Adaptive Services Interface)
Syntax
Hierarchy Level
Release Information
Statement introduced in Junos OS Release 8.1.
Description
Configure the certificate revocation list (CRL). A CRL is a time-stamped list identifying revoked certificates, which is signed by a CA and made available to the participating IPsec peers on a regular periodic basis.
Options
disable on-download-failure—Permit the authentication of the IPsec peer when the CRL is not downloaded.
password—Password to access the URLs.
refresh-interval number-of-hours—Time interval, in hours, between CRL updates.
Range: 0 through 8784
Default: 24
url url-name—Location from which to retrieve the CRL through the Lightweight Directory Access Protocol (LDAP). You can configure as many as three URLs for each configured CA profile.
Required Privilege Level
admin—To view this statement in the configuration.
admin-control—To add this statement to the configuration
