+

Search Tips   |   Advanced Search

Certificate revocation list collection


To determine the location of the certificate revocation list (CRL) known to the appserver. The Application Server checks the CRL to determine the validity of the client certificate. A certificate that is found in a certificate revocation list might not be expired, but is no longer trusted by the certificate authority (CA) that issued the certificate. The CA might add the certificate to the certificate revocation list if it believes that the client authority is compromised.

View the admin console panel for the collection certificate store on the cell level.

  1. Click Security > JAX-WS and JAX-RPC security runtime.

  2. Under additional properties, click Collection certificate store.

  3. Click the name of a configured collection certificate store or create a new collection certificate store first.

  4. Under Additional properties, click Certificate revocation list.

View the admin console panel for the collection certificate store on the server level.

  1. Click Servers > Server Types > WebSphere application servers > server_name.

  2. Under Security, click JAX-WS and JAX-RPC security runtime.

    In a mixed node cell with a server using Websphere Application Server version 6.1 or earlier, click Web services: Default bindings for WS-Security

  3. Under Additional properties, click Collection certificate store.

  4. Click the name of a configured collection certificate store or create a new collection certificate store first.

  5. Under Additional properties, click Certificate revocation list.

View the admin console page for the collection certificate store on the application level.

  1. Click Applications > Application Types > WebSphere enterprise apps > application_name.

  2. Under Modules, click Manage modules > URI_name.

  3. Under WS-Security Properties, we can access collection certificate stores for the following bindings:

  4. Click the name of a configured collection certificate store or create a new collection certificate store first.

  5. Under Additional properties, click Certificate revocation list.

  6. Under Additional properties, we can access collection certificate stores for the following bindings:

  7. Under Additional properties, click Collection certificate store > certificate_store_name.

  8. Under Additional properties, click X.509 certificates.

  9. Click New and specify the path to the certificate revocation list.

Add a certificate revocation list for a version 5.x application.

  1. Click Applications > Application Types > WebSphere enterprise apps > application_name.

  2. Under Related items, click Manage modules > URI_name.

Certificate revocation list path

Location where we can find the list of certificates that are not valid.





 

Related tasks


Set the collection certificate store for the generator binding on the application level

 

Related


Certificate revocation list settings
Collection certificate store collection
Collection certificate store settings