A certificate revocation list (CRL) is a list of certificates that have been revoked before their scheduled expiration date. The PGP Universal Server retrieves CRLs for certificates from CRL Distribution Points (DP).
PGP Universal Server includes a Certificate Revocation List (CRL) service that, when enabled (the default setting), monitors the status of keys and their associated certificates. When a key is revoked, the corresponding certificate is automatically added to the CRL.
There are two ways for a key to be revoked, causing the certificate to be added to the CRL:
The key is manually revoked by a PGP Universal Server administrator.
If a new key is imported for an existing internal user, the old key is automatically revoked.
The only way to revoke a certificate is to revoke the corresponding key. The CRLs created by PGP Universal Server are valid for a configurable number of days; the default is 7 days.
Imported Document ID: TECH149750
Subscribing will provide email updates when this Article is updated. Login is required.
Thanks for your feedback. Let us know if you have additional comments below. (requires login)
Subscribed to the Article.
Unable to subscribe
Thanks for your additional feedback !!!
Enterprise Support Virtual Agent
Rate Me :
Tell us more:
Welcome! My name is Sami, the Enterprise Support Virtual Agent answering technical support questions.