Verifying certificates without CRL checking
Enter system view.
system-view
Enter PKI domain view.
pki domain domain-name
Disable CRL checking.
undo crl check enable
By default, CRL checking is enabled.
Return to system view.
quit
Obtain a CA certificate for the PKI domain.
See "Obtaining certificates."
The PKI domain must have a CA certificate before you can verify certificates in it.
Manually verify the certificate validity.
pki validate-certificate domain domain-name { ca | local }
This command is not saved in the configuration file.