x509-use-crl

Use the certificate revocation list

Syntax

--x509-use-crl

Description

x509-use-crl specifies that the server instance uses the certificate revocation list. By default, instances do not use any certificate revocation lists. In case, the CRLs in the CA store are ignored.

If x509-use-crl is added, the CRLs are loaded and participate in the client certificate verification. If the CRL has expired, the SSL handshake is rejected.

Examples

The instance uses certificate revocation list when authenticating clients.

--x509-use-crl
Was this topic helpful?