Skip to main content
Skip table of contents

Distribution Point in Certificate Manager

This article is valid for Certificate Manager 8.4 and later.

The Distribution Point (DP) service in Protocol Gateway is used to allow for retrieval of CRLs, CILs and CA certificates for external applications without authentication. This allows external services to verify which certificates are still valid according to the CM system and retrieving the certificate chain.

The standard configuration supports the following endpoints:

  • crl/<crl-name> - Retrieves the CRL by the configured cxlprocedure or by the configured cxlfile
  • cil/<cil-name> - Retrieves the CIL by the configured cxlprocedure or by the configured cxlfile
  • ca/<ca-name> - Retrieves the CA certificate by the configured ca or by the configured cafile

For the crl and cil endpoints, the crl-name represents both the desired file name and parts of the retrieval URL. The cxlprocedure is the procedure name in the Administrator's workbench (AWB) in Certificate Manager. The cxlfile is the name of the file to distribute. Either cxlprocedure or cxlfile as well as crl-name must be
defined in dp.properties.

For the ca endpoint, the ca-name represents both the desired file name and parts of the retrieval URL. The ca parameter is the name of the CA as specified in the Administrator's workbench (AWB) in Certificate Manager. Either cxlprocedure or cxlfile as well as ca-name must be defined in dp.properties.

Related information

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.