Mainly for recovery in the event of a catastrophic failure you have a secondary backup location.
I .E. database url cnm publish tftp://1.1.1.1/<filename> Regards, Tyson Scott - CCIE #13513 R&S, Security, and SP Managing Partner / Sr. Instructor - IPexpert, Inc. Mailto: <mailto:[email protected]> [email protected] Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: <http://www.ipexpert.com/chat> www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at <http://www.ipexpert.com/communities> www.ipexpert.com/communities and our public website at <http://www.ipexpert.com/> www.ipexpert.com From: [email protected] [mailto:[email protected]] On Behalf Of Kingsley Charles Sent: Monday, September 20, 2010 8:44 AM To: [email protected] Subject: [OSL | CCIE_Security] Certificate Server Database File Publication Hi all When configure IOS CA server, you have an option to configure for router3(cs-server)#database url cnm ? WORD URL of primary storage location publish Store a copy at a storage location All non-critical CS files cnm, crl, crt can be published and used for any other purpose. I am wondering why do we need a separate publish location. The cnm, crl, crt files can be directly taken from storage location. The following configures storage location and publish location. I can take the crl file from flash itself right, why do I need a publish location? Does publish location have any special functionality that the storage location doesn't have?" database url crl flash: database url crl publish nvram: Snippet from http://www.cisco.com/en/US/docs/ios/sec_secure_connectivity/configuration/gu ide/sec_cfg_mng_cert_serv_ps6441_TSD_Products_Configuration_Guide_Chapter.ht ml#wp1193646 Certificate Server Database File Publication A publish file is a copy of the original file and is available for other processes to use or for your use. If the certificate server fails to publish a file, it does cause the server to shut down. You may specify one publish location for the issued certificates file and name file and multiple publish locations for the CRL file. See Table <> 2 for files types available for publication. You may publish files regardless of the database level that is set. Table 2 File Extension File Type .crl The CRL publish location. .crt The issued certificates publish location. .cnm The certificate name and expiration file publish location. With regards Kings
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
