Configuring PKI certificate verification without CRL checking

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Enter PKI domain view.

pki domain domain-name

N/A

3. Disable CRL checking.

crl check disable

Enabled by default.

4. Return to system view.

quit

N/A

5. Retrieve the CA certificate.

See "Retrieving a certificate manually"

N/A

6. Verify the validity of the certificate.

pki validate-certificate { ca | local } domain domain-name

N/A