EasyManuals Logo
Home>HP>Network Router>MSR SERIES

HP MSR SERIES Command Reference

HP MSR SERIES
684 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #300 background imageLoading...
Page #300 background image
286
vertical bar (|), colon (:), dot (.), left angle bracket (<), right angle bracket (>), quotation marks ("), and
apostrophe (').
Usage guidelines
CRLs are used to verify the validity of the local certificates and the peer certificates in a PKI domain. To
obtain CRLs, a PKI domain must have the proper CA certificate.
The device can obtain CRLs from the CRL repository through the HTTP, LDAP, or SCEP protocol. Which
protocol is used depends on the configuration of the CRL repository in the PKI domain:
• If the specified URL of the CRL repository is in HTTP format, the device obtains CRLs through the
HTTP protocol.
• If the specified URL of the CRL repository is in LDAP format, the device obtains CRLs through the
LDAP protocol. If the specified URL (by using the crl url command) does not have a host name, for
example, ldap:///CN=8088,OU=test,U=rd,C=cn, you must specify the URL of the LDAP server for
the PKI domain by using the ldap server command. In this case, the device combines the URL of the
LDAP server and the URL of the CRL repository to form a complete URL of the LDAP repository to
obtain CRLs through the LDAP protocol.
• If the PKI domain is not configured with the CRL repository, the device looks up the local certificates
and then the CA certificate for the CRL repository. If a CRL repository is found, the device obtains
CRLs from the point. Otherwise, the device obtains CRLs through the SCEP protocol.
Examples
# Obtain CRLs from the CRL repository.
<Sysname> system-view
[Sysname] pki retrieve-crl domain aaa
Related commands
• crl url
• ldap server
pki storage
Use pki storage to specify the storage path for the certificates or CRLs.
Use undo pki storage to restore the default.
Syntax
pki storage { certificates | crls } dir-path
undo pki storage { certificates | crls }
Default
The storage path for the certificates and CRLs is the PKI directory on the storage media of the device.
Views
System view
Predefined user roles
network-admin
Parameters
certificates: Specifies a storage path for the certificates.

Table of Contents

Other manuals for HP MSR SERIES

Preview: Configuration Guide
Configuration Guide889 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP MSR SERIES and is the answer not in the manual?

HP MSR SERIES Specifications

General IconGeneral
BrandHP
ModelMSR SERIES
CategoryNetwork Router
LanguageEnglish

Related product manuals