Configuring Certificate Revocation List Downloads

You must perform this procedure using the local web interface for the Cisco Defense Orchestrator. In a multidomain deployment, this task is only supported in the Global domain for the Cisco Defense Orchestrator.

The system automatically creates the Download CRL task when you enable downloading a certificate revocation list (CRL) in the local configuration on an appliance where you enable user certificates or audit log certificates for the appliance. You can use the scheduler to edit the task to set the frequency of the update.

Before you begin

Enable and configure user certificates and set a CRL download URL. See Requiring Valid User Certificates for more information.

Enable and configure user certificates or audit log certificates and set one or more CRL download URLs. See Requiring Valid HTTPS Client Certificates and Require Valid Audit Log Server Certificates for more information.

Procedure

Step 1	Select System () > Tools > Scheduling.
Step 2	Click Add Task.
Step 3	From Job Type, select Download CRL.
Step 4	Specify how you want to schedule the CRL download, Once or Recurring: For one-time tasks, use the drop-down lists to specify the start date and time. For recurring tasks, see Configuring a Recurring Task for details.
Step 5	Type a name in the Job Name field.
Step 6	If you want to comment on the task, type a comment in the Comment field. The comment field appears in the Task Details section of the schedule calendar page; keep comments brief.
Step 7	If you want to email task status messages, type an email address (or multiple email addresses separated by commas) in the Email Status To: field. You must have a valid email relay server configured on the Cisco Defense Orchestrator to send status messages.
Step 8	Click Save.