If you are enrolled with IOS CA server and the client, support SCEP, then it will use SCEP to retrieve the CDP url.
If the client doesn't support SCEP, then use the following url *cdp-url* http://*cs-addr*/cgi-bin/pkiclient.exe?operation=GetCRL Snippet from http://www.cisco.com/en/US/docs/ios/sec_secure_connectivity/configuration/guide/sec_cfg_mng_cert_serv_ps6441_TSD_Products_Configuration_Guide_Chapter.html#wp1193934 If you have PKI clients that are not running Cisco IOS software and that do not support a SCEP GetCRL request and wish to use a CDP you may set up an external server to distribute CRLs and configure the CDP to point to that server. Or, you can specify a non-SCEP request for the retrieval of the CRL from the certificate server by specifying the *cdp-url* command with the URL in the following format where *cs-addr* is the location of the certificate server: *cdp-url* http://*cs-addr*/cgi-bin/pkiclient.exe?operation=GetCRL With regards Kings On Sat, Aug 6, 2011 at 7:22 PM, Bruno <[email protected]> wrote: > Mainly 2 simple question I think > > 1) If we are told to set up CA server with CDP for clients which support > SCEP, should I do the following? > *cdp-url* http://my-cdp.company.com/filename.crl > > 2) After restoring a CA server, supposing we are asked to change the > Issuer-name, is that possible? (This question came up after some ipx lab > which task was to restore and after restore to set up a different > issuer-name. Answer shows this but I tried many times and couldn't change > it) > > thanks in advance > > -- > Bruno Fagioli > Cisco Security Professional > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
