No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fat AP and Cloud AP V200R010C00 Command Reference

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
cdp-url

cdp-url

Function

The cdp-url command configures the CRL distribution point (CDP) URL.

The undo cdp-url command deletes the configured CDP URL.

By default, no CDP URL is configured.

Format

cdp-url [ esc ] url-addr

cdp-url from-ca

undo cdp-url

Parameters

Parameter Description Value
esc Indicates that the URL address is in ASCII mode. -
url-addr Specifies the CDP URL.

The value is a string starting with http:// and consisting of 1 to 128 case-sensitive characters without spaces.

from-ca Specifies that the CDP URL address is obtained from the CA certificate. -

Views

PKI realm view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

When a PKI entity needs to use HTTP to update CRL, it must set up a connection with the HTTP server based on CDP URL, and obtain the CRL from the HTTP server. By default, a PKI entity locates and downloads CRL based on the method (HTTP) in the CDP information of the local certificate. If you do not want to download CRL based on the CDP URL in the local certificate, run this command to configure the PKI entity to obtain CDP URL from the CA certificate or manually configure the CDP URL.

When CRL is automatically updated by SCEP, you can also manually configure a CDP URL address.

Configuration Impact

Manually configuring a CDP URL address overwrites the CDP carried in the certificate. If the certificate does not contain CDP information and no CDP URL address is manually configured, the device requests the CRL from the CA server using SCEP.

Keyword esc only supports the URLs that include the question mark (?) in the ASCII code. The URL must be in \x3f format, and 3f is the hexadecimal ASCII code for the question mark (?). For example, if a user wants to enter http://***.com?page1, the URL is http://***.com\x3fpage1. If a user wants to enter http://www.***.com?page1\x3f that includes both a question mark (?) and \x3f, the URL is http://www.***.com\x3fpage1\\x3f.

Example

# Set the CDP URL to http://10.1.1.1/certenroll/ca_root.crl.

<Huawei> system-view
[Huawei] pki realm d1
[Huawei-pki-realm-d1] crl scep 
[Huawei-pki-realm-d1] cdp-url http://10.1.1.1/certenroll/ca_root.crl

# Set the CDP URL to http://www.***.com/certenroll/ca_root.crl.

<Huawei> system-view
[Huawei] pki realm d1
[Huawei-pki-realm-d1] crl scep
[Huawei-pki-realm-d1] cdp-url http://www.***.com/certenroll/ca_root.crl
Translation
Download
Updated: 2019-11-21

Document ID: EDOC1100064352

Views: 194691

Downloads: 118

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next