Netgear 05200007 사용자 설명서

6-26

Using the Certificate Manager

A certificate revocation list (CRL) is a list of certificates that the issuing CA rescinded before their 
expiration dates. This may occur when, for example, a user's name or address changes or the user 
leaves the company. When you retrieve or import a certificate from a CA, it typically contains a 
CRL. If it doesn't, you can import one. You can view a CRL on the CRLs tab in the Certificate 
Manager. 

The client can periodically poll, or check for, CA CRL distribution sites and then retrieve the latest 
CRLs. You must define the site and polling interval.

1.

In the Certificate Manager, view a personal certificate.

2.

On the certificate, if the CRL Dist. Point entry contains an URL, jot down what precedes the 
:// in the URL: http, file, or ldap. 

3.

In the Security Policy Editor, click Options>Certificate Settings. The Certificate Settings 
dialog box opens.

4.

The CRL Dist. Point entry on the personal certificate you just viewed determines your next 
step:

•

If there was no CRL Dist. Point entry, clear the Enable automatic CRL retrieval check 
box.

•

If the CRL Dist. Point entry contained an URL, take these steps:

–

Select the Enable automatic CRL retrieval check box.

–

In  the  CRL retrieval interval (hours) box, specify how often the client checks for 
and retrieves new CRLs from the CA; type the number of hours, from 1 through 24, 
between these checks. The default is 24 hours. 

–

The URL's scheme name determines whether you must complete the Default LDAP 
Server for CRLs box: