MAN page from RedHat EL 7 fetch-crl-3.0.19-2.el7.noarch.rpm
Section: Maintenance Commands (8)
clean-crl - remove orphaned CRL like files from a certificate directory
utility will remove CRL like files namedhash
from the directory specified with the -l
option if there is no corresponding .n
file in the same.In effect, if the directory is solely used to hold CA certificatesin the common OpenSSL format, it will thus remove CRL files forwhich the corresponding CA does not or no longer exists in thedirectory.
- -h --help
- Show help text.
- -l --cadir metadata-directory
- The script will search this directory for files with thesuffix .ri.There is no default - a common choice is /etc/pki/tls/certs, /etc/openldap/cacerts, or /etc/grid-security/certificates.
- -V --version
- Display version number (same as corresponding fetch-crl)
- -v --verbose
- Verbose mode
- -n --dryrun
- Do not actually remove any files (useful primarily with -v)
This tool does not check the contents of the files removed, and willblindly unlink any file which even remotely looks like an OpenSSL CRLfile. Use with extreme caution.
Exit status is normally 0;if an error occurs, exit status is 1 and diagnostics will be writtento standard error.
Licensed under the Apache License, Version 2.0 (the "License");
Does not check the contents of the files removed.
- SEE ALSO
This document was created byman2html,using the manual pages.