skip book previous and next navigation links
go up to top of book: HP Open Source Security for OpenVMS Volume 2:... HP Open Source Security for OpenVMS Volume 2:...
go to beginning of chapter: Using the Certificate Tool Using the Certificate Tool
go to previous page: Revoke a Certificate Revoke a Certificate
go to next page: Hash CertificatesHash Certificates
end of book navigation links

Create a Certificate Revocation List 



After you have revoked all known compromised certificates, you should create a Certificate Revocation List (CRL). You can create a CRL using the HP SSL Certificate Tool.

To create a CRL, perform the following steps:

  1. From the Main Menu, select Option 8 - Create a Certificate Revocation List.

  2. Enter the filenames of the Certificate Authority (CA) certificate and key.

  3. Enter the filename of the Certificate Revocation List. This is the file into which the CRL will be written.

  4. Enter the number of days until the next CRL will be issued. Certificate Authorities typically issue CRLs on a periodic basis to maintain the current status of the certificates that it has signed.

  5. Enter the PEM passphrase of the CA's key.

The Certificate Tool then creates the CRL in the specified file.

go to previous page: Revoke a Certificate Revoke a Certificate
go to next page: Hash CertificatesHash Certificates