Configuring an external storage for your CRLs

Stream can push your CRLs to S3 buckets upon generation, but this requires configuring an external storage first. This section also assumes that, if you want to use a cloud storage solution, you have already configured a credential for the cloud provider.

To configure an external CRL storage:

1. Log in to the Stream Administration Interface;

2. Go to Certification Authorities > External CRL Storage and click on add_external_crl_storage;

3. Fill in the information:

  • Name (string input): The name to give to the external storage (mandatory)

  • Description (string input): An optional description for the external storage

  • Bucket (string input): The name of the S3 bucket to store CRLs in (mandatory)

  • Credential (select): The credential to use to connect to the S3 server (AWS format)

  • Role Arn (string input): The RoleArn to use when connecting to the S3 provider (only applicable for AWS)

  • Region (string input): The cloud region to use if the S3 bucket is in the cloud (AWS, GCP)

  • Proxy (select): The proxy to use to connect to the external storage, if any

  • Endpoint (string input): The S3 endpoint to use (if not using an AWS S3 bucket)

  • Force path style (boolean): If turned on, forces path-style addressing in the URL

4. Once you have filled in all the information, click "Add".

The External CRL Storage is now created and can be used in CA details.
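
The values for step 3 can be sanity-checked offline before they are entered. The following is an added example, not part of Stream or its documentation: `check_storage` is a hypothetical helper that applies the standard S3 bucket-naming and addressing conventions to the Bucket, Region, Endpoint, Role Arn and Force path style fields, and all sample values are constructed. It assumes that an empty Endpoint means AWS.

```python
import re
from urllib.parse import urlsplit

# S3 naming rules: 3-63 chars of a-z, 0-9, '.', '-', alphanumeric at both ends.
BUCKET_RE = re.compile(r"^[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]$")
IPV4_RE = re.compile(r"^\d+\.\d+\.\d+\.\d+$")
ROLE_ARN_RE = re.compile(r"^arn:aws[a-z-]*:iam::\d{12}:role/[\w+=,.@/-]+$")


def check_storage(bucket, region="", endpoint="", role_arn="",
                  force_path_style=False):
    """Return (base_url, problems) for values about to be entered in the form.

    base_url is where objects would live under standard S3 addressing; how
    Stream itself builds the URL is an assumption of this example.
    """
    problems = []
    if not BUCKET_RE.match(bucket) or ".." in bucket or IPV4_RE.match(bucket):
        problems.append("bucket name violates S3 naming rules")
    if role_arn and not ROLE_ARN_RE.match(role_arn):
        problems.append("Role Arn is not a well-formed IAM role ARN")
    if role_arn and endpoint:
        problems.append("Role Arn is AWS-only but a custom endpoint is set")
    if endpoint:
        parts = urlsplit(endpoint)
        if parts.scheme != "https" or not parts.netloc:
            problems.append("endpoint should be an https:// URL")
        scheme, host = parts.scheme, parts.netloc
    else:
        # Assumption: no endpoint means AWS, whose regional host needs a region.
        if not region:
            problems.append("region is needed when no endpoint is given")
        scheme, host = "https", f"s3.{region}.amazonaws.com"
    if force_path_style:
        base_url = f"{scheme}://{host}/{bucket}/"
    else:
        if "." in bucket:
            problems.append("dotted bucket name fails wildcard TLS matching "
                            "in virtual-hosted style; use path style")
        base_url = f"{scheme}://{bucket}.{host}/"
    return base_url, problems


# Constructed sample values (not from the page).
if __name__ == "__main__":
    print(check_storage("corp-crls", region="eu-west-1"))
    print(check_storage("corp-crls", endpoint="https://s3.example.internal:9000",
                        force_path_style=True))
```

The returned base URL shows how the Force path style switch changes where the bucket name appears, which matters when the same location is later referenced from a CA's CRL distribution point.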