||User Contributed Perl Documentation
OpenXPKI::Crypto::Profile::CRL - cryptographic profile for CRLs.
Create a new profile instance. Profile definitions are loaded from the config
layer. The profile name can be given explicit via <ID>, in this case the
node crl.<profile> must exist.
If no profile is given, the config layer is checked for a profile
matching the name of the ca alias name. If no such profile is found, all
values are loaded from crl.default.
A profile must define validity and digest, extension values are
inherited from the default profile in case they are not set in the special
Load the profile, called from constructor
- The alias of the ca token to be used (from the alias table)
- The name of the profile (as given in realm.crl)
- optional, override validity from profile definition. Must be a hashref
useable with OpenXPKI::DateTime::get_validity. Only relative dates are
- optional, if given the computed nextupdate is checked if it exceeds the ca
validity and uses the validity set in crl.<profile.lastcrl>.
Absolute dates are supported but the actual timestamp in the crl might
differ as it is converted to "hours from now".
- PEM encoded ca certificate to use. This is mainly for testing, in regular
operation the certificate is determined using the API.
Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.