Cisco Cisco Packet Data Interworking Function (PDIF)
IPSec Certificates
▀ CRL Fetching
▄ IPSec Reference, StarOS Release 17
132
CLI Commands
Important:
The commands described below appear in the CLI for this release. However, they have not been
qualified for use with any current Cisco StarOS gateway products.
Global Configuration Mode
ca-crl name
This command Configures the name and URL path of a Certificate Authority-Certificate Revocation List (CA-CRL).
The configuration sequence is as follows:
configure
ca-crl name name { der | pem } { url url }
end
url
supports file pathname, TFTP, FTP, SFTP, HTTP and LDAP protocols.:
Refer to the Command Line Interface Reference for a complete description of these commands and their keywords.
Context Configuration Mode
ca-crl list
This command is used to bind a CA-CRL to a crypto map or template.
For a crypto map the configuration sequence is:
configure
context ctxt_name
crypto map template_name { ikev2-ipv4 | ikev2-ipv6 }
ca-crl list
ca-crl-name
end
For a crypto template the configuration sequence is:
configure
context ctxt_name
crypto template template_name ikev2-dynamic
ca-crl list