Overriding a Certificate Revocation List (CRL) Configuration

A certificate revocation list (CRL) is a list of revoked certificates that are no longer valid. A certificate can be revoked if the certificate authority (CA) has improperly issued a certificate, or if a private key is compromised. The most common reason for revocation is that the user is no longer in sole possession of the private key.

To define a certificate revocation configuration or override:

  1. Select Configuration > Devices from the web UI.
    The Device Configuration screen displays a list of managed devices or peer controllers, service platforms, or access points.
  2. Select Profile Overrides > Security.
  3. Select Certificate Revocation.
    Note

    A blue override icon (to the left of a parameter) indicates that the parameter has an override applied. To remove an override, go to the Basic Configuration section of the device and click Clear Overrides. This removes all overrides from the device.
  4. Click + Add Row to add a row in the Certificate Revocation List (CRL) Update Interval table to quarantine certificates from use in the network.
    Additionally, a certificate can be placed on hold for a user-defined period. If, for instance, a private key was found and nobody had access to it, the certificate's status could be reinstated.
    1. In the Trustpoint Name field, provide the name of the trustpoint in question.
      The name cannot exceed 32 characters.
    2. In the URL field, enter the URL of the third-party resource that ensures the trustpoint's legitimacy.
    3. Use the spinner control to specify an interval (in hours) after which a device copies a CRL file from an external server and associates it with a trustpoint.
  5. Click OK to save the changes or overrides to the Certificate Revocation screen.
    Click Reset to revert to the last saved configuration.