Distribution Point in Certificate Manager
The Distribution Point (DP) service in Protocol Gateway is used to allow for retrieval of CRLs, CILs and CA certificates for external applications without authentication. This allows external services to verify which certificates are still valid according to the CM system and retrieving the certificate chain.
The standard configuration supports the following endpoints:
crl/<crl-name>- Retrieves the CRL by the configuredcxlprocedureor by the configuredcxlfilecil/<cil-name>- Retrieves the CIL by the configuredcxlprocedureor by the configuredcxlfileca/<ca-name>- Retrieves the CA certificate by the configuredcaor by the configuredcafile
For the crl and cil endpoints, the crl-name represents both the desired file name and parts of the retrieval URL. The cxlprocedure is the procedure name in the Administrator's workbench (AWB) in Certificate Manager. The cxlfile is the name of the file to distribute. Either cxlprocedure or cxlfile as well as crl-name must be
defined in dp.properties.
For the ca endpoint, the ca-name represents both the desired file name and parts of the retrieval URL. The ca parameter is the name of the CA as specified in the Administrator's workbench (AWB) in Certificate Manager. Either cxlprocedure or cxlfile as well as ca-name must be defined in dp.properties.