Filter
Top Products
Using Enhanced Security Features
288 EncrypTight User Guide
you must remember to periodically retrieve a copy of the CRL and install it on each of the EncrypTight
components.
NOTE
CRLs are only supported in ETEPs with software version 1.6 or later. You must upgrade ETEPs with
earlier software versions in order to use this feature. To learn more about upgrading the software on
ETEPs, see “Installing Software Updates” on page 73.
Configuring CRL Usage in EncrypTight and the ETKMSs
By default the management workstation and the ETKMS read installed certificates to find the location of
the CRL. You can override this behavior and specify a local directory for the CRL instead.
To use CRLs with the EncrypTight software:
1 On the management workstation, create a directory where you want to store the CRL files.
2 In EncrypTight, select Edit > Preferences.
3Click ETEMS to expand the tree, and then click Communications (see Figure 95).
4Click Browse for the CRL File Location option, navigate to the desired directory, and select the
CRL.
5Click Open.
6Click OK.
NOTE
This setting does not take effect until you enable strict authentication.
To use CRLs with the ETKMS:
1 Log in as root and create a directory on the ETKMS in which you want to store the CRL.
2 Copy the CRL to the new directory on the ETKMS.
3 Edit the file
/opt/etkms/conf/kdist.properties and add the following line in the Certificate
Configuration section:
crlPath=/<Directory>
Where <Directory> is the full path to the directory you created.
4 Save and close the file.
For example:
# Certificate configuration
strictCertificateAuth=true
crlPath=/opt/etkms/crls
Configuring CRL Usage on ETEPs
You manage CRLs for the ETEPs using the Certificate Manager perspective in the EncrypTight software.