Procedure to revoke enterprise certificates from devices based on a certificate revocation list.
Before you begin
Make a note of the URL of the root CA CRL.
Procedure
| 1. | From the Cisco SD-WAN Manager menu, choose . |
|
| 2. | On the Administration Settings page, select Edit adjacent to Certificate Revocation List. The certificate revocation options appear. |
|
| 3. | Select Enabled. |
|
| 4. | In the CRL Server URL field, enter the URL of the CRL that you created on your secure server. |
|
| 5. | In the Retrieval Interval field, enter the interval, in hours, at which SD-WAN Manager retrieves the CRL from your secure server and revokes the certificates that the CRL designates. Possible values: 1 to 24 Default retrieval interval: 1 hour |
|
| 6. | Select Save. Cisco SD-WAN Manager immediately retrieves the CRL and revokes the certificates that the CRL designates. From then on, Cisco SD-WAN Manager retrieves the CRL according to the retrieval interval period that you specified. |