Manualshelf

HP-UX IPSec version A.02.01 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software
261262263264265266267268269270
Migrating from Previous Versions of HP-UX IPSec
Post-Installation Migration Instructions
Appendix C256
Retrieving a VeriSign Certificate Revocation List
Beginning with release A.02.01, HP-UX IPSec no longer supports the
VeriSign CRL automatic retrieval method using the
/var/adm/ipsec_gui/cron/crl.cron script file. (The
/var/adm/ipsec_gui/cron/crl.cron file in version A.02.01 retrieves a
CRL stored in an LDAP directory.) If you had an entry in the root user’s
crontab file to execute the crl.cron file, you must delete it.
To retrieve a VeriSign CRL, you must manually retrieve it using the
VeriSign OnSite web interface to store it in a local file, and then use the
following command to manually store the file in the HP-UX IPSec
storage scheme:
ipsec_config add crl -file
crl_filename
The
crl_filename
is the name of the local file that contains the CRL
retrieved from VeriSign.