Certificate Revocation List (CRL) Tasks


Creating a CRL Object

This task allows you to create a CRL Distribution Point object in eDirectory. This object can be created in any container in the eDirectory tree. As part of the creation process, you are asked to provide a CRL. You need to obtain a CRL from a third-party CA. If you don't have a CRL file at the time you create the CRL Distribution Point object, you can still create the object and import the CRL later.

NOTE: The term CRL Distribution Point is used in two ways. It is the eDirectory schema object name for the CRL object, and it can also be used in general terms to mean the point where the CRL information is published.

To create a CRL object:

  1. Launch Novell iManager.

  2. Log in to the eDirectory tree as an administrator with the appropriate rights.

    To view the appropriate rights for this task, see Entry Rights Needed to Perform Tasks.

  3. From the Roles and Tasks menu, select Novell Certificate Server > Create CRL Object.

  4. Type a name for the object and provide the context where you want the object to reside.

  5. Paste a copy of the CRL into the field or read it from a CRL file.

  6. Click OK to create the object.


Importing a Third-Party CRL

This task allows you to import a CRL signed by a third-party certificate authority into a CRL Distribution Point object. This option is only active if no CRL is present in the object.

  1. Log in to the eDirectory tree as an administrator with the appropriate rights.

    To view the appropriate rights for this task, see Entry Rights Needed to Perform Tasks.

  2. Start ConsoleOne.

  3. Double-click the CRL Distribution Point object that you want to import the CRL into.

  4. Click Import.

    If the Import button is not active, it means that this CRL Distribution Point object already contains a CRL. You can replace the existing CRL by clicking Replace.

  5. Paste a copy of the CRL into the field or read it from a CRL file.

  6. Click Finish.


Exporting a Third-Party CRL

You can export the CRL that is contained in the CRL Distribution Point object to a file.

  1. Log in to the eDirectory tree as an administrator with the appropriate rights.

    To view the appropriate rights for this task, see Entry Rights Needed to Perform Tasks.

  2. Start ConsoleOne.

  3. Double-click the CRL Distribution Point object that you want to export the CRL from.

  4. Click Export.

    If the Export button is not active, it means that this CRL Distribution Point object does not contain a CRL. You can import a CRL by clicking Import.

  5. Select the format you want to save the CRL in (binary encoded DER or text encoded Base64), then specify a filename.

    The extension for the file is .crl by default. You can also browse to select the location that the file will be saved to.

  6. Click Export.
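
Added example (not part of the Novell documentation or product): a Python check that identifies which of the two export formats a .crl file is in, confirms the outer DER structure is complete, and converts DER to Base64 text for pasting into an import field. It assumes the Base64 form is either bare Base64 or wrapped in PEM-style "X509 CRL" armor lines; the function names and the sample bytes are constructed for illustration.

```python
import base64
import re

# PEM-style armor around the Base64 body (assumed form of the text export).
PEM_RE = re.compile(
    rb"-----BEGIN X509 CRL-----\s*(.*?)\s*-----END X509 CRL-----", re.DOTALL)

def der_total_length(der: bytes) -> int:
    """Return the total encoded size declared by the outer DER SEQUENCE header."""
    if len(der) < 2 or der[0] != 0x30:
        raise ValueError("not a DER SEQUENCE")
    first = der[1]
    if first < 0x80:                 # short form: one length byte
        return 2 + first
    n = first & 0x7F                 # long form: next n bytes hold the length
    if n == 0 or n > 4 or len(der) < 2 + n:
        raise ValueError("unsupported or truncated DER length")
    return 2 + n + int.from_bytes(der[2:2 + n], "big")

def load_crl(data: bytes):
    """Return (format, der_bytes); reject files that are cut short or padded."""
    m = PEM_RE.search(data)
    if m:
        fmt, der = "base64", base64.b64decode(m.group(1))
    elif data[:1] == b"\x30":        # raw DER starts with the SEQUENCE tag
        fmt, der = "der", data
    else:                            # bare Base64 without armor lines
        fmt, der = "base64", base64.b64decode(data)
    if der_total_length(der) != len(der):
        raise ValueError("CRL is truncated or has trailing data")
    return fmt, der

def to_base64(der: bytes) -> str:
    """Encode DER bytes as armored Base64 text, 64 characters per line."""
    b64 = base64.b64encode(der).decode("ascii")
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return ("-----BEGIN X509 CRL-----\n" + "\n".join(lines)
            + "\n-----END X509 CRL-----\n")

# Constructed sample: a DER SEQUENCE header declaring 256 content bytes.
# It stands in for an exported file; it is not a real, signed CRL.
SAMPLE_DER = bytes([0x30, 0x82, 0x01, 0x00]) + bytes(256)

if __name__ == "__main__":
    fmt, der = load_crl(SAMPLE_DER)
    print(fmt, len(der))
    print(to_base64(der).splitlines()[0])
```

This checks only the encoding and the declared length; it does not verify the CRL's signature, issuer, or validity dates.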


Replacing a Third-Party CRL

  1. Log in to the eDirectory tree as an administrator with the appropriate rights.

    To view the appropriate rights for this task, see Entry Rights Needed to Perform Tasks.

  2. Start ConsoleOne.

  3. Double-click the CRL Distribution Point object that contains the CRL you want to replace.

  4. Click Replace.

    If the Replace button is not active, it means that this CRL Distribution Point object does not contain a CRL. You can import a CRL by clicking Import.

  5. Paste a copy of the new CRL into the field or read it from a CRL file.

  6. Click Finish.


Viewing a Third-Party CRL's Properties

  1. Log in to the eDirectory tree as an administrator with the appropriate rights.

    To view the appropriate rights for this task, see Entry Rights Needed to Perform Tasks.

  2. Start ConsoleOne.

  3. Double-click the CRL Distribution Point object.