HP-UX IPSec version A.02.01 Administrator's Guide
Using Certificates with HP-UX IPSec
Step 6: Retrieving the CRL Using cron
Chapter 5174
Step 6: Retrieving the CRL Using cron
If the CA periodically publishes the CRL to an LDAP directory, you can
use the following procedure to automatically retrieve it using the cron
utility.
Step 1. Execute the ipsec_config add crl command to configure information
about the LDAP server in the /var/adm/ipsec/cainfo.txt file. This
also retrieves the CRL.
Step 2. Add the following entries to the root user’s crontab file.
# Retrieve the CRL from the Certificate Authority
# (for HP-UX IPSec)
mn hr mn_day mon wkday
/var/adm/ipsec_gui/cron/cron/crl.cron
The fields in italics are placeholders. Replace them with appropriate
values when you enter the lines into the crontab file.
For example, to retrieve the CRL every hour on the hour, add the
following entries to the crontab file:
# Retrieve the CRL from the Certificate Authority
# (for HP-UX IPSec)
0 * * * * /var/adm/ipsec_gui/cron/crl.cron
Step 3. Execute the crontab command to submit the root crontab file:
crontab /var/spool/cron/crontabs/root
For more information about cron jobs and the crontab file format, refer
to the cron(1M) and crontab(1) manpages.