This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
If the CRL Distribution URL isn't available, it's possible to tell ISE to retain the current CRL in a cached state. This doesn't persist between reboots.
Is there any time limit on how long the CRL is cached and used for subsequent authentications, or is it perpetual until either the CDP is accessible or until the ISE node is rebooted?
Solved! Go to Solution.
So if the effective dates of the CRL are ignored, the ISE nodes will maintain the CRL in cache indefinitely until the node is reset?