Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACE CRL download

Hi i have question the ACE appliance running 4.x version of software. I use client authenticatin using certificates form external CA (linux nad openssl). I also want be able to use crl's. The question is: when exactly does ace download crl? I know that it downloades the crl right after configuring a cdp point. But after that there is a problem. For example i create crl's every 24 hours, and every crl is valid for 24h. So the ace download the crl:

A) befere the crl expires, and if so exactly what time before that?

B) in the exact time the crl expires?

C) after the crl expires, and then how long after that?

Right know the ace simply downloads the crl from cdp after the configuration, and that at some random time that is not even near the crl validity time. It even does not try to download it (i made wireshark captures, so I am shure it does not try). As we speak Tac is trying to find it out but maybe someone here has managed to find that out on his own.

Sent from Cisco Technical Support iPad App

CreatePlease login to create content