Manualshelf

3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module
431432433434435436437438439440
PKI Certificate Operation Commands 439
pki retrieval-crl Syntax
pki retrieval-crl domain domain-name
View
System view
Parameter
domain-name: Domain name containing CA or RA related information. It is
configured by using the pki domain command.
Description
Use the pki retrieval-crl command to obtain the latest CRL from CRL server for
the verification of the validity of a current certificate.
Related command: pki domain.
Example
# Retrieve a CRL
[SecBlade_VPN] pki retrieval-crl domain 1
pki validate-certificate Syntax
pki validate-certificate { local | ca } domain domain-name
View
System view
Parameter
local: Validates a local certificate;
ca: Validates a CA certificate;
domain-name: Name of the domain the certificate to be validated belongs to. It is
configured by using the pki domain command.
Description
Use the pki validate-certificate command to verify the validity of a certificate.
The focus is to check the CA signature on the certificate, and to make sure that
the certificate is still within the validity period and beyond revocation. All
certificates with authentic signatures of CA can pass the validation, since it is
believed that CA never issues fake certificates.
Related command: pki domain.
Example
# Verify the validity of a certificate.
[SecBlade_VPN] pki validate-certificate domain 1