HP-UX IPSec version A.02.01 Administrator's Guide
Using Certificates with HP-UX IPSec
Step 5: Adding the CRL to HP-UX IPSec
Chapter 5 171
Step 5: Adding the CRL to HP-UX IPSec
Use the ipsec_config add crl command to add a CRL to the HP-UX
IPSec storage scheme. The source for the CRL can be a local file in DER
format or CRL stored in an LDAP directory in DER format. The
ipsec_config utility stores the CRL in the file
/var/adm/ipsec/ipsec.crl.
ipsec_config add crl Syntax for Files
The add crl functionality is not supported in ipsec_config batch files.
Use the following ipsec_config add crl syntax to add a CRL from a
local file to the HP-UX IPSec storage scheme:
ipsec_config add crl -file
crl_filename
-file
crl_filename
Name of the local file containing the CRL.
Default: None.
Example
The following command adds /tmp/crl.der, the CRL file in DER format
received from the CA, to /var/adm/ipsec/ipsec.cert. The command
also updates the LDAP server information in the file
/var/adm/ipsec/cainfo.txt file.
ipsec_config add crl -file /tmp/crl.der
ipsec_config add crl Syntax for LDAP Directories
The add crl functionality is not supported in ipsec_config batch files.
Use the following ipsec_config add crl syntax to add a CRL from an
LDAP directory to the HP-UX IPSec storage scheme:
ipsec_config add crl -ldap
server_addr
[-port
port_number
] [-base
search_base
]
[-filter
search_filter
]