A certificate revocation list (CRL) may be used by external applications to identify server keys that have been revoked by MFT Server. To generate a certificate revocation list go to the Server Keys tab in your desired Keys module (See Key management overview) and click the Revocation List > Generate button. The resulting CRL will be placed in the file /webapp/management/mft-server.crl relative to your installation directory. This file may be accessed as a CRL URL using the following format
http(s)://<server management host>:<server management port>/mft-server.crl
Figure 228
Signing Key - The server key used to sign the CRL.
Expiration period - The number of days from generation that this CRL is valid.