sys crypto crl
sys crypto crl(1) BIG-IP TMSH Manual sys crypto crl(1)
NAME
crl - Manage certificate revocation lists on the BIG-IP(r) system.
MODULE
sys crypto
SYNTAX
Manage crls using the syntax in the following section.
INSTALL
install crl [name]
options:
ca-file [filename]
consumer
[enterprise-manager | iquery | iquery-big3d | ltm | webserver]
from-editor
from-local-file [filename]
from-url [URL]
DELETE
delete crl [name]
DESCRIPTION
You can use the crl component to install, and delete certificate revocation lists. The file-objects created by
these operations can be used in other BIG-IP system configuration blocks such as ssl profiles.
EXAMPLES
install crl example from-editor
Opens an interactive editor session into which can be pasted a crl for import into the BIG-IP system. A crl
file-object will be created with the name example which contains the contents saved from the editor session.
install crl example from-local-file /tmp/example.crl
Obtains a crl from the file located at /tmp/example.crl and installs it as example.crl. The crl extension
(".crl") will be appended to the installed crl name if it is not already provided in the name.
install crl /myfolder/myexample from-local-file /tmp/example.crl
Similar to above, but installs the crl "myexample.crl" in folder "/myfolder" instead of the default "/Common".
The specified folder "/myfolder" must already exist in order for this operation to succeed.
install crl example from-url http://example.com/example.crl
Obtains a crl from a remote host, based on the URI specified.
delete crl example.crl
Deletes the certificate revocation list "example.crl" from the system.
OPTIONS
consumer
Specifies the system component by which the certificate revocation list will be consumed. The default
behavior is to create file-objects for use by ltm components. This is the same as specifying "ltm" for
this property. If a component other than "ltm" is specified then files will be installed/created into
locations where the specified components can find them. For example, for component "webserver", crls will
be placed in the webservers ssl directories.
from-editor
Specifies that the crl should be obtained from a text editor session. This allows crls to be imported via
cut-n-paste from another location as long as they are in a text representation.
from-local-file
Specifies a local file path from which the crl is to be copied.
from-url
Specifies a URI which is to be used to obtain the crl for import into the configuration of the system.
The URL syntax is protocol dependent. Supported schemes are "HTTP", "HTTPS", "FTP", "FTPS" & "FILE."
SEE ALSO
create, install, delete, tmsh
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or by any means, electronic or
mechanical, including photocopying, recording, or information storage and retrieval systems, for any purpose
other than the purchaser's personal use, without the express written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2009-2013. All rights reserved.
BIG-IP 2013-03-21 sys crypto crl(1)