Bug #16504
closed
Imported CRL Shows as ‘Unknown (imported)’ and Cannot Be Edited
0%
Description
Steps to Reproduce
1. On Firewall 1, export the CRL.
2. Export the CA used by that CRL on Firewall 1.
3. Export the Cert/s listed on the CRL
4. On Firewall 2, import the exported CA.
5. On Firewall 2, import the certificates that were in the CRL.
6. Navigate to: System → Certificates → Revocation.
7. From the dropdown, select the imported CA, then click Add.
8. In the CRL data field, paste the content of the CRL file exported in Step 1, and click Save.
Problem
The newly imported CRL displays as:
Unknown (imported) instead of showing the number of revoked certificates.
The CRL cannot be edited after import.
You must manually import CA and all the Certificates that were part of the CRL.
Expected behaviour
When exporting the CRL, it should contain the CA and all the certs from the imported CRL
Updated by Jim Pingle 2 days ago
- Status changed from New to Not a Bug
That is fully expected behavior. There is more data in the CRL config that is used to generate the CRL, the actual CRL data doesn't contain enough information for another system to be able to edit it.
You'd have to edit the entire CRL entry XML into the other firewall config, not the generated CRL data.