Working in the CLI
Certificate Revocation List Commands
The
crl
context provides commands for managing Certificate Revocation Lists (or CRLs). CRLs can
be used to verify that the certificates used by Equalizer are valid and have not been compromised.
A CRL is uploaded to Equalizer using commands in the
crl
context, and then associated with one or
more clusters in the cluster specific context. Whenever a certificate is used to authenticate a
connection to the cluster, the CRL is checked to make sure the certificate being used has not been
revoked. The supported commands in the
crl
context are shown in the following tables.
Note
- If a CRL attached to a cluster was generated by a Certificate Authority (CA) different from the CA used to gen-
erate a client certificate presented when connecting to the cluster, an error occurs. The CRL and client certificate must
be signed by the same CA.
Using CRL Commands in the Global Context
eqcli >
certificate
certname [cmd ...]
: Create certname (
req_cmds
= *
commands below)
eqcli >
certificate
certname cmd
...
: Modify
certname (cmd
= any com-
mands below)
eqcli >
no certificate
certname
: Delete
certname
eqcli >
show certificate [
certname
]
: Display all certificates or
certname
eqcli >
certificate
certname
: Change to "cert-certname" con-
text (see below)
Using CRL Commands in a CRL specific Context
eqcli crl-crlname>
crlfile
{edit|url}
: Upload the CRL
eqcli crl-crlname>
show
: Display CRL crlname
The arguments to the
crlfile
command are:
l
edit -
Launch an editor to supply the content of the CRL file.
l
url -
Download the CRL file from the
ftp://
or
http://
protocol URL supplied on the command line.
168
Copyright © 2014 Coyote Point Systems, A Subsidiary of Fortinet, Inc.
Содержание Equalizer GX Series
Страница 18: ......
Страница 32: ...Overview 32 Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc ...
Страница 42: ......
Страница 52: ......
Страница 64: ......
Страница 72: ......
Страница 76: ......
Страница 123: ...Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc All Rights Reserved 123 Equalizer Administration Guide ...
Страница 228: ......
Страница 238: ......
Страница 411: ...Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc All Rights Reserved 411 Equalizer Administration Guide ...
Страница 459: ...Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc All Rights Reserved 459 Equalizer Administration Guide ...
Страница 476: ......
Страница 492: ......
Страница 530: ......
Страница 614: ......
Страница 626: ......
Страница 638: ......
Страница 678: ......
Страница 732: ...Using SNMP Traps 732 Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc ...
Страница 754: ......
Страница 790: ......
Страница 804: ......
Страница 842: ......
Страница 847: ...Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc All Rights Reserved 847 Equalizer Administration Guide ...
Страница 866: ......