User`s guide

28-49

Cisco Router and Security Device Manager Version 2.2 User’s Guide

OL-4015-08

Chapter 28 Public Key Infrastructure

Digital Certificates

Revocation Check

Specify how the router is to check whether a certificate has been revoked in this

window.

Revocation Check

Configure how the router is to check for revocations, and order them by

preference. The router can use multiple methods.

Use/Method/Move Up/Move Down

Check the methods that you want to use, and use the Move Up and Move Down

buttons to place the methods in the order you want to use them.

• OCSP—Contact an Online Certificate Status Protocol server to determine the

status of a certificate.

• CRL—Certificate revocation is checked using a certificate revocation list.

• None—Do not perform a revocation check.

CRL Query URL

Enabled when CRL is selected. Enter the URL where the certificate revocation list

is located. Enter the URL only if the certificate supports X.500 DN.

OCSP URL

Enabled when OCSP is selected. Enter the URL of the OCSP server that you want

to contact.

Revocation Check, CRL Only

Specify how the router is to check whether a certificate has been revoked in this

window.

Verification

One of the following:

• None—Check the Certificate Revocation List (CRL) distribution point

embedded in the certificate.