F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Icon for Employee rank

Employee

Aug 24, 2010

CRL - File Format - Updating

Hey All,

We're looking to implement client certificate authentication and use a CRL.

1 - Updating the CRL file on a regular basis - best to do with a cron job?

2 - The CRL we are getting from the Cert Authority is in a .crl format. Since the LTM requires it to be a PEM formatted file, how would we go about doing that. All previous attempts to do so via Openssl have been unsuccessful.

Thanks in advance.

1 Reply

Luke_Lehman
Employee
Aug 25, 2010
Solved.

.crl format is actually DER format. The openssl syntax that I had wasn't correct.

bad syntax: openssl crl -in .crl -outform PEM -out .pem

good syntax: openssl crl -inform der -in .crl -out .pem

Still looking for suggestions as to if a cron job is the best / safest way to obtain the CRL.

Thanks.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

Community Articles

application delivery

container ingress services

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5