Store Certificate Revocation List in Domino® or LDAP Directory

The Domino® CA process issues and maintains certificate revocation lists (CRLs) for each Internet certifier.

A certificate revocation list is a time-stamped list of revoked certificates and the time of their revocation -- for example, certificates belonging to terminated employees. You configure the CRL when you create a new Internet certifier.

Triggered by: Once a CRL is configured, the CA issues them on a regular basis and they operate unattended. The CA process determines that it is time to publish a CRL and generates this request according to a predetermined schedule. For example, this request is generated when an Internet Certificate is created.

Carried out on: Administration server for the Domino® Directory.

Carried out: Immediately

Result: Certificate revocation list is created in the Domino® Directory.

Note: The CA process does not support the ability to publish CRLs to an LDAP directory.