How to understand "Update CRL" field in LTM's Certificate Authority profile?
Hi, I am wondering, how should I understand the CRL related fields in LTM's CA profile (Local Traffic > Profiles > SSL > Certificate Authority)? I cannot find any documentation for this profile. I would like to use this CA profile in APM's machine certificate check and make sure that machines with revoked certificates are denied access to APM resources. I understand that the "Certificate Revocation List (CRL)" field defines a static CRL file stored locally which I previously created under System > File Management > SSL Certificate List. But using CRL without a periodic and automatic update does not make sense. But I am struggling to understand what exactly would LTM do if I check the "Update CRL" checkbox under CA profile. How would LTM update this CRL? Where would it get the information for this update from? Would it read the CRL location URL from the certificate and try to access it? Anybody has an idea on how this is meant to work?