How to configure CRL in F5

if you did it correctly i should shown up in the drop down list under the client auth section at "Certificate Revocation List (CRL)". if that only says None you might have done something wrong, what tmos version are you using?

PS: please delete your double post.

thanks for your reply,

The F5 version is 10.2.4, I have uploaded the file to F5 using winscp and convert the file to .pme format using below command. "openssl crl -inform DEM -outform PEM -in certcrl.crl -out certcrl.pem "

Below the list of file in ssl.crl directory. ssl.crl ls -la total 27 drwxr-xr-x 2 root root 1024 Sep 25 16:11 . drwxr-xr-x 6 root root 1024 Apr 25 2012 .. -rw-r--r-- 1 root root 11318 Sep 25 15:49 gcacomb.pem

but still its not shown up in the drop down list.

thanks for your reply,

The F5 version is 10.2.4, I have uploaded the file to F5 using winscp and convert the file to .pme format using below command. "openssl crl -inform DEM -outform PEM -in certcrl.crl -out certcrl.pem "

Below the list of file in ssl.crl directory. ssl.crl ls -la total 27 drwxr-xr-x 2 root root 1024 Sep 25 16:11 . drwxr-xr-x 6 root root 1024 Apr 25 2012 .. -rw-r--r-- 1 root root 11318 Sep 25 15:49 gcacomb.pem

but still its not shown up in the drop down list.

saw this in a script, might help you:

bigpipe profile clientssl demo-clientssl crl file demo.pem

Do you have System > File Management available in the GUI? If so I'd suggest you download the converted file to your PC and reupload using the GUI to ensure it's recognised.

Thanks for letting me know about the double post Boneyard :)

Thanks Boneyard , It works with the script .

Version 10.2.4 doesn't have system>File Management option. Thanks fore your reply.