Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Brocade Mobility RFS Controller System Reference Guide

185

53-1003099-01

5

A certificate revocation list (CRL) is a list of revoked certificates that are no longer valid. A
certificate can be revoked if the certificate authority (CA) had improperly issued a certificate, or if a
private-key is compromised. The most common reason for revocation is the user no longer being in
sole possession of the private key.

To define a Certificate Revocation configuration or override:

1. Select Devices from the Configuration tab.

The Device Configuration screen displays a list of managed devices or peer controllers, service
platforms or Access Points within the managed network.

2. Select a target device (by double-clicking it) from amongst those displayed within the Device

Configuration screen.

Devices can also be selected directly from the Device Browser in the lower, left-hand, side of
the UI.

3. Select Profile Overrides from the Device menu to expand it into sub menu options.

4. Select Security to expand its sub menu options.

5. Select Certificate Revocation.

NOTE

A blue override icon (to the left of a parameter) defines the parameter as having an override applied.
To remove an override go to the Basic Configuration section of the device and click the Clear
Overrides button. This removes all overrides from the device.

FIGURE 83

Profile Overrides - Certificate Revocation screen

6. Select the + Add Row button to add a column within the Certificate Revocation List (CRL)

Update Interval table to quarantine certificates from use in the managed network.

Additionally, a certificate can be placed on hold for a user defined period. If, for instance, a
private key was found and nobody had access to it, its status could be reinstated.