Your browser does not allow storing cookies. We recommend enabling them.

PreviousNextUp[Front page] [Index]

HTTP Publishing Method

SSH Tectia Certifier includes a convenient way of publishing CRLs without the need for a full-scale LDAP deployment: The built-in HTTP server of the Web Enrollment Service can be used for CRL publishing.

If you have chosen the HTTP publishing method for CRLs, the only setting that needs to be defined is the Web Enrollment Service instance that is being used for CRL publishing. Remember to enable CRL publishing in the Web Enrollment Service configurations in order to be able to select it from the Web enrollment service connection drop-down list.

As the server address is not always sufficient for external PKI clients to connect to the Enrollment Service, the URL prefix for CRL distribution points in Enrollment Service configuration must also be set to contain correct address and port information. For example, is a valid setting. See Section Editing the Web Enrollment Service.

To include the CRL distribution point information in the issued certificates, the publishing method has to have the Include in Certificates check box selected and the CA policy has to contain the Set CRL Distribution Point module.

PreviousNextUp[Front page] [Index]




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now