sys crypto crl
sys crypto crl(1) BIG-IP TMSH Manual sys crypto crl(1)
NAME
crl - Manage certificate revocation lists on the BIG-IP(r) system.
MODULE
sys crypto
SYNTAX
Manage crls using the syntax in the following section.
INSTALL
install crl [name]
options:
ca-file [filename]
consumer
[enterprise-manager | iquery | iquery-big3d | ltm | webserver]
from-editor
from-local-file [filename]
from-url [URL]
DELETE
delete crl [name]
DESCRIPTION
You can use the crl component to install, and delete certificate revocation lists. The file-objects created by these
operations can be used in other BIG-IP system configuration blocks such as ssl profiles.
EXAMPLES
install crl example from-editor
Opens an interactive editor session into which can be pasted a crl for import into the BIG-IP system. A crl file-object
will be created with the name example which contains the contents saved from the editor session.
install crl example from-local-file /tmp/example.crl
Obtains a crl from the file located at /tmp/example.crl and installs it as example.crl. The crl extension (".crl") will be
appended to the installed crl name if it is not already provided in the name.
install crl /myfolder/myexample from-local-file /tmp/example.crl
Similar to above, but installs the crl "myexample.crl" in folder "/myfolder" instead of the default "/Common". The
specified folder "/myfolder" must already exist in order for this operation to succeed.
install crl example from-url http://example.com/example.crl
Obtains a crl from a remote host, based on the URI specified.
delete crl example.crl
Deletes the certificate revocation list "example.crl" from the system.
OPTIONS
consumer
Specifies the system component by which the certificate revocation list will be consumed. The default behavior is to
create file-objects for use by ltm components. This is the same as specifying "ltm" for this property. If a component
other than "ltm" is specified then files will be installed/created into locations where the specified components can
find them. For example, for component "webserver", crls will be placed in the webservers ssl directories.
from-editor
Specifies that the crl should be obtained from a text editor session. This allows crls to be imported via cut-n-paste
from another location as long as they are in a text representation.
from-local-file
Specifies a local file path from which the crl is to be copied.
from-url
Specifies a URI which is to be used to obtain the crl for import into the configuration of the system.
The URL syntax is protocol dependent. Supported schemes are "HTTP", "HTTPS", "FTP", "FTPS" & "FILE."
SEE ALSO
create, install, delete, tmsh
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or by any means, electronic or mechanical, including
photocopying, recording, or information storage and retrieval systems, for any purpose other than the purchaser's personal
use, without the express written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2009-2013. All rights reserved.
BIG-IP 2013-03-21 sys crypto crl(1)