Cisco Catalyst SD-WAN Certificate Management Guide, Releases 26.x and Later

PDF

Revoke certificates

Want to summarize with AI?

Log in

Procedure to revoke enterprise certificates from devices based on a certificate revocation list.


Before you begin

Make a note of the URL of the root CA CRL.

Procedure

1.

From the Cisco SD-WAN Manager menu, choose Administration > Settings.

2.

On the Administration Settings page, select Edit adjacent to Certificate Revocation List.

The certificate revocation options appear.

3.

Select Enabled.

4.

In the CRL Server URL field, enter the URL of the CRL that you created on your secure server.

5.

In the Retrieval Interval field, enter the interval, in hours, at which SD-WAN Manager retrieves the CRL from your secure server and revokes the certificates that the CRL designates.

Possible values: 1 to 24

Default retrieval interval: 1 hour

6.

Select Save.

Cisco SD-WAN Manager immediately retrieves the CRL and revokes the certificates that the CRL designates. From then on, Cisco SD-WAN Manager retrieves the CRL according to the retrieval interval period that you specified.