Knowledge Search


×
 

[Archive] Automatic CRL Retrieval From Entrust Using LDAP

  [KB4796] Show Article Properties


Summary:

Automatic CRL Retrieval From Entrust Using LDAP

Solution:

When using automatic Certificate Revocation List (CRL) Retrieval from Entrust using Lightweight Directory Access Protocol (LDAP), make sure the CRL format is DER. If base64 is selected, the Internet Key Exchange (IKE) messages will show an 'invalid message ID=0' debug IKE message.

note: If you load the CRL manually, you will not typically see any problems. When you submit the CRL manually, it doesn't care what format the CRL is in.
 

Related Links: