Fortinet black logo

CLI Reference

system certificate crl-group

system certificate crl-group

Use this command to create a group of CRLs that you have already uploaded to FortiWeb.

To ensure that FortiWeb validates only certificates that have not been revoked, you should periodically upload current certificate revocation lists (CRL) that may be provided by certificate authorities (CA). Once you've uploaded the CRL(s) you want to use, create CRL groups to include in your FortiWeb configuration.

For more information about CRLs and CRL groups, see the FortiWeb Administration Guide:

http://docs.fortinet.com/fortiweb/admin-guides

To use this command, your administrator account’s access control profile must have either w or rw permission to the admingrp area. For details, see Permissions.

Syntax

config system certificate crl-group

edit <crl_group_name>

config members

edit <entry_index>

set <crl_name>

next

end

next

end

Variable Description Default

<crl_group_name>

Type the name of the CRL group. You will use this name to select the CRL group in other parts of the configuration. The maximum length is 63 characters. No default.

<entry_index>

Type the index number of the individual entry in the table. No default.

<crl_name>

Type the name of a CRL that you want to include in the group. The maximum length is 63 characters. For details, see system certificate crl. No default.

Related topics

system certificate crl-group

Use this command to create a group of CRLs that you have already uploaded to FortiWeb.

To ensure that FortiWeb validates only certificates that have not been revoked, you should periodically upload current certificate revocation lists (CRL) that may be provided by certificate authorities (CA). Once you've uploaded the CRL(s) you want to use, create CRL groups to include in your FortiWeb configuration.

For more information about CRLs and CRL groups, see the FortiWeb Administration Guide:

http://docs.fortinet.com/fortiweb/admin-guides

To use this command, your administrator account’s access control profile must have either w or rw permission to the admingrp area. For details, see Permissions.

Syntax

config system certificate crl-group

edit <crl_group_name>

config members

edit <entry_index>

set <crl_name>

next

end

next

end

Variable Description Default

<crl_group_name>

Type the name of the CRL group. You will use this name to select the CRL group in other parts of the configuration. The maximum length is 63 characters. No default.

<entry_index>

Type the index number of the individual entry in the table. No default.

<crl_name>

Type the name of a CRL that you want to include in the group. The maximum length is 63 characters. For details, see system certificate crl. No default.

Related topics