Configuring Certificate Revocation Lists for an External CA

1. Log in to the Stream Administration Interface ;

2. Go to Certification Authorities > External CAs and click on upload_crl next to the name of the CA you want to import the CRL of ;

3. Select a valid CRL file that has been signed by your CA ;

4. If everything went through correctly, the CRL of that external CA should be available to download from Stream ;

5. Additionally, if you want to push the CRL into a CRL storage, click edit_external_ca on the external CA ;

5.1 In the Configuration tab, select one or several previously created external storages from the drop-down menu:

On CRL update: this will be triggered every time a new CRL is uploaded (see step 2).
On CRL sync: this will trigger every 15 minutes to ensure CRL is up to date on the storage, and push the new one if needed

5.2 Click the Save button at the top.

The CRL should now also be pushed in the CRL storage(s) whenever you manually import it into Stream. Note that the CRL will still be accessible from the standard Stream CRLDP.