Editing a Certificate Revocation List
Edit information about where a certificate authority's certificate revocation list (CRL) is stored or the custom formatted URL configured as the CRL distribution point (CDP).
You can edit where the certificate revocation list (CRL) is stored and the custom formatted URL configured as the CRL distribution point (CDP). The command you use depends on whether the CA is a root CA or a subordinate CA.
Use the oci certs-mgmt certificate-authority update-root-ca-by-generating-config-details command and required parameters to edit the revocation configuration of a root CA:
oci certs-mgmt certificate-authority update-root-ca-by-generating-config-details --certificate-authority-id <CA_OCID> --certificate-revocation-list-details <CDP_URL_and_CDP_object_storage>
For example:
oci certs-mgmt certificate-authority update-root-ca-by-generating-config-details --certificate-authority-id ocid1.certificateauthority.oc1.<region>.<unique_id> --certificate-revocation-list-details file://path/to/revocationconfig.json
To edit the revocation configuration of a subordinate CA, open a command prompt and run the oci certs-mgmt certificate-authority update-subordinate-ca-issued-by-internal-ca command and required parameters:
oci certs-mgmt certificate-authority update-subordinate-ca-issued-by-internal-ca --certificate-authority-id <CA_OCID> --certificate-revocation-list-details <CDP_URL_and_CDP_object_storage>
For example:
oci certs-mgmt certificate-authority update-subordinate-ca-issued-by-internal-ca --certificate-authority-id ocid1.certificateauthority.oc1.<region>.<unique_id> --certificate-revocation-list-details file://path/to/revocationconfig.json
For a complete list of parameters and values for CLI commands, see the CLI Command Reference.
Run the UpdateCertificateAuthority operation to edit the revocation configuration of a CA.