Author Topic: CRL URL  (Read 1386 times)

hanse

  • Zen Apprentice
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
CRL URL
« on: November 01, 2021, 08:48:15 pm »
I have deployed Zentyal and have so far found a lot of the stuff to be well done. One thing I am struggling with (and probably struggling with the concept as a whole) are the certificates.

I understand that I can create a certificate through the UI for a service, and then download that certificate and use it for whatever service (like Windows workstation authentication etc). But something that comes up in my searches is Windows AD offering a so-called CRL URL, where a list of revoked certificates can be obtained, and in such a way access can be restricted if a cert is on this revoked list.

Is there any such a URL in Zentyal? And if there is, is this URL automatically updated whenever I revoke a cert?

Any and all help will be greatly appreciated!
Regards

turalyon

  • Zen Warrior
  • ***
  • Posts: 197
  • Karma: +15/-0
    • View Profile
Re: CRL URL
« Reply #1 on: November 04, 2021, 02:11:07 pm »
Hi,

Take a look at the directory '/var/lib/zentyal/, there you should see subdirectory called 'CA' with the certificates, keys and CRL information.

--

“This world is ours, and by the Holy Light we will keep it safe, now and forever"