Sun Microsystems, Inc.
spacerspacer
spacer www.sun.com docs.sun.com |
spacer
black dot
 
 
21.  Internet Key Exchange IKE Tasks How to Configure IKE With Public Keys Signed by a Certificate Authority  Previous   Contents   Next 
   
 

How to Update a Certificate Revocation List

  1. Become superuser on the system console.

    Note - Logging in remotely exposes security-critical traffic to eavesdropping. Even if you somehow protect the remote login, the total security of the system is reduced to the security of the remote login session.

  2. Follow the instructions from the vendor about how to extract the revoked certificates.

  3. Use the following procedure to add the revoked certificate to the CRL database.

    1. Type the ikecert certrldb -a command and type <Return>.

      # ikecert certrldb -a <Return>

    2. Paste the revoked certificate from the PKI vendor and type <Return>, then <Control-D> to end the entry.

  4. Repeat for every CRL in the revocation list.

 		 
 
  Previous   Contents   Next