SIMPLE SOLUTIONS

CLEAN-CRL(8) - Linux man page online | Administration and privileged commands

Remove orphaned CRL like files from a certificate directory.

Chapter
local
CLEAN-CRL(8) System Manager's Manual CLEAN-CRL(8)

NAME

clean-crl - remove orphaned CRL like files from a certificate directory

SYNOPSIS

clean-crl [-l crlpath] [-v] [-V] [-n] [-h]

DESCRIPTION

The clean-crl utility will remove CRL like files named hash.rn from the directory speci‐ fied with the -l option if there is no corresponding .n file in the same. In effect, if the directory is solely used to hold CA certificates in the common OpenSSL format, it will thus remove CRL files for which the corresponding CA does not or no longer exists in the directory.

OPTIONS

-h --help Show help text. -l --cadir metadata-directory The script will search this directory for files with the suffix .ri. There is no default - a common choice is /etc/pki/tls/certs, /etc/openldap/cacerts, or /etc/grid-security/certificates. -V --version Display version number (same as corresponding fetch-crl) -v --verbose Verbose mode -n --dryrun Do not actually remove any files (useful primarily with -v)

CONFIGURATION

None.

NOTES

This tool does not check the contents of the files removed, and will blindly unlink any file which even remotely looks like an OpenSSL CRL file. Use with extreme caution.

SEE ALSO

fetch-crl(8), openssl(1), http://wiki.nikhef.nl/grid/FetchCRL3

DIAGNOSTICS

Exit status is normally 0; if an error occurs, exit status is 1 and diagnostics will be written to standard error.

LICENSE

Licensed under the Apache License, Version 2.0 (the "License"); http://www.apache.org/licenses/LICENSE-2.0

BUGS

Does not check the contents of the files removed.
Trust Anchor Utilities local CLEAN-CRL(8)
This manual Reference Other manuals
clean-crl(8) referred by
refer to fetch-crl(8) | openssl(1ssl)
Download raw manual
Main page System Manager's Manual (+2060) Trust Anchor Utilities (+2) № 8 (+5755)
Go top