Zentyal Forum, Linux Small Business Server

Zentyal Server => Other modules => Topic started by: hanse on November 01, 2021, 08:48:15 pm

Title: CRL URL
Post by: hanse on November 01, 2021, 08:48:15 pm
I have deployed Zentyal and have so far found a lot of the stuff to be well done. One thing I am struggling with (and probably struggling with the concept as a whole) are the certificates.

I understand that I can create a certificate through the UI for a service, and then download that certificate and use it for whatever service (like Windows workstation authentication etc). But something that comes up in my searches is Windows AD offering a so-called CRL URL, where a list of revoked certificates can be obtained, and in such a way access can be restricted if a cert is on this revoked list.

Is there any such a URL in Zentyal? And if there is, is this URL automatically updated whenever I revoke a cert?

Any and all help will be greatly appreciated!
Title: Re: CRL URL
Post by: turalyon on November 04, 2021, 02:11:07 pm

Take a look at the directory '/var/lib/zentyal/, there you should see subdirectory called 'CA' with the certificates, keys and CRL information.


“This world is ours, and by the Holy Light we will keep it safe, now and forever"