Specifies the location of a CRL so the smkeydatabase can locate the list during the SAML authentication process. The smkeydatabase does not store the contents of a CRL, but merely reads the CRL contents when the Policy Server starts and after a refresh interval has elapsed.
Important! If you add a CRL entry to the smkeydatabase, you must restart the Policy Server.
Arguments for addRevocationInfo are as follows:
Required. Alias name of the Certificate Authority who issues the CRL.
Example: -issueralias verisignCA
Required. Specifies whether the list is a certificate file or an LDAP CRL. The options are ldapcrl or filecrl.
Required. Specifies the location of the CRL. For a file, specify the full path to the file. For an LDAP CRL, specify the full path to the LDAP server node.
Example of file location: -location c:\crls\siteminder_root_ca.crl
Example of LDAP CRL location: -location "http://localhost:880/sn=siteminderroot, dc=crls,dc=com"
Copyright © 2010 CA. All rights reserved. | Email CA about this topic |