| bindvpnglobal_cacert |
Use this method to bind cacert to vpn global. |
Syntax |
Parameters |
cacert |
Name of the CA certificate. |
crlcheck |
Rule to use for the CRL corresponding to the CA certificate during client authentication. Available settings function as follows:
* MANDATORY - Deny SSL clients if the CRL is missing or expired, or the Next Update date is in the past, or the CRL is incomplete.
* OPTIONAL - Allow SSL clients if the CRL is missing or expired, or the Next Update date is in the past, or the CRL is incomplete, but deny if the client certificate is revoked in the CRL.
If neither CRL nor OCSP option is specified while binding the CA certificate, this option is set to CRLCHECK OPTIONAL by default. Possible Values : Mandatory, Optional. |
ocspcheck |
Rule to use for the OCSP responder associated with the CA certificate during client authentication. If MANDATORY is specified, deny all SSL clients if the OCSP check fails because of connectivity issues with the remote OCSP server, or any other reason that prevents the OCSP check. With the OPTIONAL setting, allow SSL clients even if the OCSP check fails except when the client certificate is revoked. Possible Values : Mandatory, Optional. |
Return Value |
Returns simpleResult |
See Also |