Uploading Certificate Revocation List

An example to create a Certificate Revocation List (CRL). Explains the steps to upload the CRL through the Certificate Repository screen.

Creating a CRL - An Example

To create a CRL:

  1. In the CLI Manager, navigate to Administration > OS Console.

  2. Run the following command to revoke a client certificate:

    openssl ca -config demoCA/newcerts/openssl.cnf -revoke Client.crt -keyfile CA.key -cert CA.crt

  3. Run the following command to generate a CRL:

    openssl ca -config demoCA/newcerts/openssl.cnf -gencrl -keyfile CA.key -cert CA.crt -out Client.crl

Uploading the CRL

To upload CRL:

  1. On the ESA Web UI, navigate to Settings > Network > Certificate Repository .

    Certificate Repository screen

  2. Click Upload New Files.

    The Upload new file to repository dialog box appears.

  3. Click Certificate Revocation List to upload a CRL file.

    Upload CRL screen

  4. Click Choose File to select a CRL file.

  5. Enter the required description in the Description text box.

  6. Click Upload.

A confirmation message appears and the CRL is uploaded to the ESA.


Last modified : April 08, 2025