CLI Reference Guide
234 | crypto-local pki rcp DellPowerConnect W-Series ArubaOS 6.2 | Reference Guide
Usage Guidelines
This command lets you configure the check methods that are used for this revocation check point.. You can
configure the controller to perform real-time certificate revocation checks using the Online Certificate Status
Protocol (OCSP) or traditional certificate validation using the Certificate Revocation List (CRL) client. Refer to
the
Certificate Revocation
chapter in the
Dell PowerConnect W-Series ArubaOS 6.2 User Guide
for more information
on how to configure this feature using both the WebUI and CLI.
Example
This example configures an OCSP client with the revocation check method as OCSP with CRL configured as the
back up method.
The OCSP responder certificate is configured as RootCA-Ocsp_responder. The corresponding OCSP responder
service is available at http://10.4.46.202/ocsp. The revocation check method is OCSP with CRL configured as the
back up method.
crypto-local pki rcp CARoot
ocsp-responder-cert RootCA-Ocsp_responder
ocsp-url http://10.4.46.202/ocsp
crl-location file Security1-WIN-05PRGNGEKAO-CA-unrevoked.crl
revocation-check ocsp crl
Related Commands
Command Description Mode
crypto-local pki
This command configures a local certificate, OCSP
signer or responder certificate and Certificate
Revocation List (CRL). You can also list revocation
checkpoints and enable the responder service.
Config mode
show crypto-local pki
This command shows local certificate, OCSP signer or
responder certificate and CRL data and statistics.
Config mode
Command History
Version Modification
ArubaOS 3.2 Command introduced.
ArubaOS 6.1 The following parameters were introduced:
l CRL
l Intermediate CA
l OCSPResponderCert
l OCSPSignerCert
l global-ocsp-signer-cert
l rcp
l service-ocsp-responder
Command Information
Platforms Licensing Command Mode
All platforms Base operating system Config mode on master or local controllers