Configuring Certificate Revocation Lists for an External CA

1. Log in to the Stream Administration Interface ;

2. Go to Certification Authorities > External CAs and click on upload_crl next to the name of the CA you want to import the CRL of ;

3. Select a valid CRL file that has been signed by your CA ;

4. If everything went through correctly, the CRL of that external CA should be available to download from Stream ;

5. Additionally, if you want to push the CRL into S3 Buckets, click edit_external_ca on the external CA ;

5.1 In the Configuration tab, select one or several previously created external storage buckets from the drop-down menu ;

5.2 Click the Save button at the top.

The CRL should now also be pushed in the S3 Bucket(s) whenever you manually import it into Stream. Note that the CRL will still be accessible from the standard Stream CRLDP.