Provided by: fetch-crl_3.0.11-1_all bug

NAME

       clean-crl - remove orphaned CRL like files from a certificate directory

SYNOPSIS

       clean-crl [-l crlpath] [-v] [-V] [-n] [-h]

DESCRIPTION

       The  clean-crl  utility  will  remove  CRL  like  files  named  hash.rn from the directory
       specified with the -l option if there is no corresponding .n file in the same.  In effect,
       if  the  directory is solely used to hold CA certificates in the common OpenSSL format, it
       will thus remove CRL files for which the corresponding CA does  not or no longer exists in
       the directory.

OPTIONS

       -h --help
              Show help text.

       -l --cadir metadata-directory
              The  script  will search this directory for files with the suffix .ri.  There is no
              default  -  a  common  choice  is  /etc/pki/tls/certs,  /etc/openldap/cacerts,   or
              /etc/grid-security/certificates.

       -V --version
              Display version number (same as corresponding fetch-crl)

       -v --verbose
              Verbose mode

       -n --dryrun
              Do not actually remove any files (useful primarily with -v)

CONFIGURATION

       None.

NOTES

       This  tool  does  not check the contents of the files removed, and will blindly unlink any
       file which even remotely looks like an OpenSSL CRL file. Use with extreme caution.

SEE ALSO

       fetch-crl(8), openssl(1), http://wiki.nikhef.nl/grid/FetchCRL3

DIAGNOSTICS

       Exit status is normally 0; if an error occurs, exit status is 1 and  diagnostics  will  be
       written to standard error.

LICENSE

       Licensed under the Apache License, Version 2.0 (the "License");

       http://www.apache.org/licenses/LICENSE-2.0

BUGS

       Does not check the contents of the files removed.