CRL - File Format - Updating

Question

Hey All,&nbsp;
&nbsp;We're looking to implement client certificate authentication and use a CRL.&nbsp;
&nbsp;1 - Updating the CRL file on a regular basis - best to do with a cron job?&nbsp;
&nbsp;2 - The CRL we are getting from the Cert Authority is in a .crl format.  Since the LTM requires it to be a PEM formatted file, how would we go about doing that.  All previous attempts to do so via Openssl have been unsuccessful.&nbsp;
&nbsp;Thanks in advance.

luke_lehman · Answer

Solved.&nbsp;
&nbsp;.crl format is actually DER format.  The openssl syntax that I had wasn't correct.&nbsp;
&nbsp;bad syntax:   openssl crl -in .crl -outform PEM -out .pem
&nbsp;good syntax: openssl crl -inform der -in .crl -out .pem&nbsp;
&nbsp;Still looking for suggestions as to if a cron job is the best / safest way to obtain the CRL.&nbsp;
&nbsp;Thanks.

Forum Discussion

CRL - File Format - Updating

1 Reply

Recent Discussions

preserve client IP on layer 4 VIP

Failed to convert character dclid=%EDclid!

ASM - Parent policy vs OWASPcompliance

Rewrite uri translation not working

CONNECTION IS LOST DUE TO SELF IP IS DELIVERED

Related Content

Auditing Security Policy Updates

Update your DevCentral user profile

X509 Subject Formatting

CSV to Address External Datagroup File

Clouddocs Updates