Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • CLI Reference

    7.0.13
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.16
    6.2.15
    6.2.14
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.0.0
    5.6.0
    5.4.0
    5.2.0
    5.0.0

    config certificate crl

    config certificate crl

    Certificate Revocation List as a PEM file.

    config certificate crl
    Description: Certificate Revocation List as a PEM file.
    edit <name>
        set crl {user}
        set http-url {string}
        set ldap-password {password}
        set ldap-server {string}
        set ldap-username {string}
        set range [global|vdom]
        set scep-cert {string}
        set scep-url {string}
        set source [factory|user|...]
        set source-ip {ipv4-address}
        set update-interval {integer}
        set update-vdom {string}
    next
end

    config certificate crl

    Parameter

    Description

    Type

    Size

    Default

    crl

    Certificate Revocation List as a PEM file.

    user

    Not Specified

    http-url

    HTTP server URL for CRL auto-update.

    string

    Maximum length: 255

    ldap-password

    LDAP server user password.

    password

    Not Specified

    ldap-server

    LDAP server name for CRL auto-update.

    string

    Maximum length: 35

    ldap-username

    LDAP server user name.

    string

    Maximum length: 63

    name

    Name.

    string

    Maximum length: 35

    range

    Either global or VDOM IP address range for the certificate.

    option

    -

    global

    Option

    Description

    global

    Global range.

    vdom

    VDOM IP address range.

    scep-cert

    Local certificate for SCEP communication for CRL auto-update.

    string

    Maximum length: 35

    Fortinet_CA_SSL

    scep-url

    SCEP server URL for CRL auto-update.

    string

    Maximum length: 255

    source

    Certificate source type.

    option

    -

    user

    Option

    Description

    factory

    Factory installed certificate.

    user

    User generated certificate.

    bundle

    Bundle file certificate.

    source-ip

    Source IP address for communications to a HTTP or SCEP CA server.

    ipv4-address

    Not Specified

    0.0.0.0

    update-interval

    Time in seconds before the FortiGate checks for an updated CRL. Set to 0 to update only when it expires.

    integer

    Minimum value: 0 Maximum value: 4294967295

    0

    update-vdom

    VDOM for CRL update.

    string

    Maximum length: 31

    root
    Previous
    Next

    config certificate crl

    config certificate crl

    Certificate Revocation List as a PEM file.

    config certificate crl
    Description: Certificate Revocation List as a PEM file.
    edit <name>
        set crl {user}
        set http-url {string}
        set ldap-password {password}
        set ldap-server {string}
        set ldap-username {string}
        set range [global|vdom]
        set scep-cert {string}
        set scep-url {string}
        set source [factory|user|...]
        set source-ip {ipv4-address}
        set update-interval {integer}
        set update-vdom {string}
    next
end

    config certificate crl

    Parameter

    Description

    Type

    Size

    Default

    crl

    Certificate Revocation List as a PEM file.

    user

    Not Specified

    http-url

    HTTP server URL for CRL auto-update.

    string

    Maximum length: 255

    ldap-password

    LDAP server user password.

    password

    Not Specified

    ldap-server

    LDAP server name for CRL auto-update.

    string

    Maximum length: 35

    ldap-username

    LDAP server user name.

    string

    Maximum length: 63

    name

    Name.

    string

    Maximum length: 35

    range

    Either global or VDOM IP address range for the certificate.

    option

    -

    global

    Option

    Description

    global

    Global range.

    vdom

    VDOM IP address range.

    scep-cert

    Local certificate for SCEP communication for CRL auto-update.

    string

    Maximum length: 35

    Fortinet_CA_SSL

    scep-url

    SCEP server URL for CRL auto-update.

    string

    Maximum length: 255

    source

    Certificate source type.

    option

    -

    user

    Option

    Description

    factory

    Factory installed certificate.

    user

    User generated certificate.

    bundle

    Bundle file certificate.

    source-ip

    Source IP address for communications to a HTTP or SCEP CA server.

    ipv4-address

    Not Specified

    0.0.0.0

    update-interval

    Time in seconds before the FortiGate checks for an updated CRL. Set to 0 to update only when it expires.

    integer

    Minimum value: 0 Maximum value: 4294967295

    0

    update-vdom

    VDOM for CRL update.

    string

    Maximum length: 31

    root
    Previous
    Next