07-22-2019 12:38 AM
Hi all,
If the CRL Distribution URL isn't available, it's possible to tell ISE to retain the current CRL in a cached state. This doesn't persist between reboots.
Is there any time limit on how long the CRL is cached and used for subsequent authentications, or is it perpetual until either the CDP is accessible or until the ISE node is rebooted?
Thanks!
Solved! Go to Solution.
07-22-2019 04:27 PM
Correct.
07-22-2019 06:09 AM
See the option "Ignore that CRL is not yet valid or expired" in Edit Certificate Settings
07-22-2019 02:18 PM
Hi,
So if the effective dates of the CRL are ignored, the ISE nodes will maintain the CRL in cache indefinitely until the node is reset?
07-22-2019 04:27 PM
Correct.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide