config vpn certificate crl
Certificate Revocation List as a PEM file.
config vpn certificate crl
Description: Certificate Revocation List as a PEM file.
edit <name>
set crl {user}
set range [global|vdom]
set source [factory|user|...]
set update-vdom {string}
set ldap-server {string}
set ldap-username {string}
set ldap-password {password}
set http-url {string}
set scep-url {string}
set scep-cert {string}
set update-interval {integer}
set source-ip {ipv4-address}
next
end
config vpn certificate crl
Parameter |
Description |
Type |
Size |
Default |
||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
crl |
Certificate Revocation List as a PEM file. |
user |
Not Specified |
|
||||||||
range |
Either global or VDOM IP address range for the certificate. |
option |
- |
vdom |
||||||||
|
|
|||||||||||
source |
Certificate source type. |
option |
- |
user |
||||||||
|
|
|||||||||||
update-vdom |
VDOM for CRL update. |
string |
Maximum length: 31 |
root |
||||||||
ldap-server |
LDAP server name for CRL auto-update. |
string |
Maximum length: 35 |
|
||||||||
ldap-username |
LDAP server user name. |
string |
Maximum length: 63 |
|
||||||||
ldap-password |
LDAP server user password. |
password |
Not Specified |
|
||||||||
http-url |
HTTP server URL for CRL auto-update. |
string |
Maximum length: 255 |
|
||||||||
scep-url |
SCEP server URL for CRL auto-update. |
string |
Maximum length: 255 |
|
||||||||
scep-cert |
Local certificate for SCEP communication for CRL auto-update. |
string |
Maximum length: 35 |
Fortinet_CA_SSL |
||||||||
update-interval |
Time in seconds before the FortiGate checks for an updated CRL. Set to 0 to update only when it expires. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||
source-ip |
Source IP address for communications to a HTTP or SCEP CA server. |
ipv4-address |
Not Specified |
0.0.0.0 |