sys crypto crl
sys crypto crl(1) BIG-IP TMSH Manual sys crypto crl(1)
NAME
crl - Manage certificate revocation lists on the BIG-IP(r) system.
MODULE
sys crypto
SYNTAX
Manage crls using the syntax in the following section.
INSTALL
install crl [name]
options:
ca-file [filename]
consumer
[enterprise-manager | iquery | iquery-big3d | ltm | webserver]
from-editor
from-local-file [filename]
from-url [URL]
DELETE
delete crl [name]
DESCRIPTION
You can use the crl component to install, and delete certificate
revocation lists. The file-objects created by these operations can be
used in other BIG-IP system configuration blocks such as ssl profiles.
EXAMPLES
install crl example from-editor
Opens an interactive editor session into which can be pasted a crl for
import into the BIG-IP system. A crl file-object will be created with
the name example which contains the contents saved from the editor
session.
install crl example from-local-file /tmp/example.crl
Obtains a crl from the file located at /tmp/example.crl and installs it
as example.crl. The crl extension (".crl") will be appended to the
installed crl name if it is not already provided in the name.
install crl /myfolder/myexample from-local-file /tmp/example.crl
Similar to above, but installs the crl "myexample.crl" in folder
"/myfolder" instead of the default "/Common". The specified folder
"/myfolder" must already exist in order for this operation to succeed.
install crl example from-url http://example.com/example.crl
Obtains a crl from a remote host, based on the URI specified.
delete crl example.crl
Deletes the certificate revocation list "example.crl" from the system.
OPTIONS
consumer
Specifies the system component by which the certificate revocation
list will be consumed. The default behavior is to create file-
objects for use by ltm components. This is the same as specifying
"ltm" for this property. If a component other than "ltm" is
specified then files will be installed/created into locations
where the specified components can find them. For example, for
component "webserver", crls will be placed in the webservers ssl
directories.
from-editor
Specifies that the crl should be obtained from a text editor
session. This allows crls to be imported via cut-n-paste from
another location as long as they are in a text representation.
from-local-file
Specifies a local file path from which the crl is to be copied.
from-url
Specifies a URI which is to be used to obtain the crl for import
into the configuration of the system.
The URL syntax is protocol dependent. Supported schemes are
"HTTP", "HTTPS", "FTP", "FTPS" & "FILE."
SEE ALSO
create, install, delete, tmsh
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or
by any means, electronic or mechanical, including photocopying,
recording, or information storage and retrieval systems, for any
purpose other than the purchaser's personal use, without the express
written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2009-2013. All rights reserved.
BIG-IP 2013-03-21 sys crypto crl(1)