Revoking certificates
To ensure that your FortiWeb appliance validates only certificates that have not been revoked, periodically upload a current certificate revocation list (CRL), which certificate authorities (CAs) may provide.
To view or upload a CRL file
1. Go to System > Certificates > CRL.
To access this part of the web UI, your administrator's account access profile must have Read and Write permission to items in the Admin Users category. For details, see “Permissions”.
2. To upload a CRL file, click Import.
A dialog appears.
3. Do one of the following to locate a CRL file:
Select HTTP, then enter the URL of an HTTP site providing a CRL service.
Select SCEP, then enter the URL of the applicable Simple Certificate Enrollment Protocol server. (SCEP allows routers and other intermediate network devices to obtain certificates.)
Select Local PC, then browse to locate a certificate file.
4. Click OK.
The imported CRL file appears on System > Certificates > CRL with a name automatically assigned by the FortiWeb appliance, such as CRL_1.
5. To use the CRL for client PKI authentication, select the CRL in a certificate verification rule (see “Configuring FortiWeb to validate client certificates”).
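Added example (not part of the FortiWeb documentation): a way to confirm that a CRL file is still current before importing it in step 3, by reading the thisUpdate and nextUpdate fields from a PEM or DER file with the Python standard library only. The function names and the sample CRL are constructed for illustration, and the check assumes the file follows the RFC 5280 CRL layout.

```python
import base64
from datetime import datetime, timezone

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) for the DER element at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the count of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, pos, pos + length

def crl_times(data):
    """Return (thisUpdate, nextUpdate or None) from a PEM or DER X.509 CRL."""
    if data.lstrip().startswith(b"-----BEGIN X509 CRL-----"):
        data = base64.b64decode(b"".join(data.strip().splitlines()[1:-1]))
    _, start, _ = read_tlv(data, 0)       # CertificateList
    _, pos, end = read_tlv(data, start)   # tbsCertList
    times = []
    while pos < end:  # top-level fields only, so revocationDate entries are skipped
        tag, vs, ve = read_tlv(data, pos)
        if tag in (0x17, 0x18):  # UTCTime / GeneralizedTime
            text = data[vs:ve].decode("ascii")
            if tag == 0x17:  # RFC 5280: two-digit years >= 50 are 19YY
                text = ("19" if text[:2] >= "50" else "20") + text
            times.append(datetime.strptime(text, "%Y%m%d%H%M%SZ").replace(tzinfo=timezone.utc))
        pos = ve
    this_update, *rest = times  # ValueError if the input had no thisUpdate
    return this_update, (rest[0] if rest else None)

def crl_status(data, now):
    """Classify a CRL: current, expired, not-yet-valid or no-nextUpdate."""
    this_update, next_update = crl_times(data)
    if this_update > now:
        return "not-yet-valid"
    if next_update is None:
        return "no-nextUpdate"
    return "current" if now < next_update else "expired"

# Constructed sample: unsigned CRL skeleton with dummy signature bytes.
def _tlv(tag, *parts):  # short-form lengths only (body < 128 bytes)
    return bytes([tag, sum(map(len, parts))]) + b"".join(parts)
_ALG = _tlv(0x30, _tlv(0x06, bytes.fromhex("2a864886f70d01010b")), _tlv(0x05))
_TBS = _tlv(0x30, _tlv(0x02, b"\x01"), _ALG,
            _tlv(0x30, _tlv(0x31, _tlv(0x30, _tlv(0x06, b"\x55\x04\x03"), _tlv(0x0C, b"Example CA")))),
            _tlv(0x17, b"240101000000Z"), _tlv(0x17, b"240108000000Z"),
            _tlv(0x30, _tlv(0x30, _tlv(0x02, b"\x10\x01"), _tlv(0x17, b"231215000000Z"))))
SAMPLE_CRL = _tlv(0x30, _TBS, _ALG, _tlv(0x03, b"\x00" * 9))
```

To check a downloaded file, pass its bytes and the current time, for example crl_status(open(path, "rb").read(), datetime.now(timezone.utc)), where path is a placeholder. The check reads dates only and does not verify the CRL signature.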