
CRL times out and sessions drop

kirkster
Level 3

Hi,

I am new to the IOS CA feature. I set the CRL timeout deliberately low on the IOS CA to 24 hours. The router certificates are valid for 2 days. The CRL times out and all the remote routers drop their sessions complaining that the CRL is invalid. I can understand that the CRL is indeed invalid - it's timed out. However, I thought that the CA should automatically regenerate a new CRL? It appears NOT to be doing this? Any ideas? This is the config on my IOS CA.

crypto pki server CA
 database level complete
 database url nvram
 issuer-name CN=CA,O=Steve's Systems
 lifetime crl 24
 lifetime certificate 2
 lifetime ca-certificate 1825

Thanks, Steve

2 Replies

wong34539
Level 6

Try resetting CRL to defaults

mistr
Level 1

Hi Steve,

I have exactly the same problem, I think. I have an IOS CRL which does not get regenerated. Did you ever find a solution for this problem?

Regards

Mike Street
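
A freshness check for the failure described in this thread, as an added example that is not from any poster: it reads the `lastUpdate`/`nextUpdate` lines printed by `openssl crl -noout -lastupdate -nextupdate` for a CRL fetched from the CA and flags one that is near or past expiry without having been reissued. The sample text, the function names and the 4-hour `renew_margin` are assumptions for illustration.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample: `openssl crl -noout -lastupdate -nextupdate` output
# for a CRL issued with a 24-hour lifetime (dates are made up).
SAMPLE = """lastUpdate=Mar  1 12:00:00 2024 GMT
nextUpdate=Mar  2 12:00:00 2024 GMT
"""

def parse_crl_dates(text):
    """Return (last_update, next_update) as timezone-aware UTC datetimes."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        if not sep or key not in ("lastUpdate", "nextUpdate"):
            continue
        if value.strip() == "NONE":  # nextUpdate is optional in a CRL
            continue
        # Collapse the padded day ("Mar  1") before parsing.
        stamp = " ".join(value.split())
        parsed = datetime.strptime(stamp, "%b %d %H:%M:%S %Y GMT")
        fields[key] = parsed.replace(tzinfo=timezone.utc)
    if "lastUpdate" not in fields or "nextUpdate" not in fields:
        raise ValueError("CRL is missing lastUpdate or nextUpdate")
    return fields["lastUpdate"], fields["nextUpdate"]

def crl_status(text, now, renew_margin=timedelta(hours=4)):
    """Classify a CRL as 'not-yet-valid', 'expired', 'renew-overdue' or 'ok'.

    renew_margin is a hypothetical alerting threshold: how long before
    nextUpdate a replacement CRL is expected to be published already.
    """
    last_update, next_update = parse_crl_dates(text)
    if now < last_update:
        return "not-yet-valid"   # checker's clock is behind the CA's
    if now >= next_update:
        return "expired"         # peers checking revocation will reject it
    if next_update - now <= renew_margin:
        return "renew-overdue"   # no fresh CRL yet, expiry is close
    return "ok"

if __name__ == "__main__":
    print(crl_status(SAMPLE, datetime.now(timezone.utc)))
```

Run on a schedule, a `renew-overdue` result gives warning before the peers start rejecting the CRL.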