crl check enable
Use crl check enable to enable CRL checking.
Use undo crl check enable to disable CRL checking.
Syntax
crl check enable
undo crl check enable
Default
CRL checking is enabled.
Views
PKI domain view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
A CRL is a list of revoked certificates signed and published by a CA. Revoked certificates should no longer be trusted.
Enable CRL checking to ensure that the device only accepts certificates that have not been revoked by the issuing CA.
Examples
# Disable CRL checking.
<Sysname> system-view [Sysname] pki domain aaa [Sysname-pki-domain-aaa] undo crl check enable
Related commands
pki import
pki retrieve-certificate
pki validate-certificate