Provided by: fetch-crl_3.0.17-1_all bug

NAME

       clean-crl - remove orphaned CRL like files from a certificate directory

SYNOPSIS

       clean-crl [-l crlpath] [-v] [-V] [-n] [-h]

DESCRIPTION

       The clean-crl utility will remove CRL like files named hash.rn from the
       directory specified with the -l option if there is no corresponding  .n
       file  in  the same.  In effect, if the directory is solely used to hold
       CA certificates in the common OpenSSL format, it will thus  remove  CRL
       files  for  which the corresponding CA does  not or no longer exists in
       the directory.

OPTIONS

       -h --help
              Show help text.

       -l --cadir metadata-directory
              The script will search this directory for files with the  suffix
              .ri.    There   is   no   default   -   a   common   choice   is
              /etc/pki/tls/certs,   /etc/openldap/cacerts,    or    /etc/grid-
              security/certificates.

       -V --version
              Display version number (same as corresponding fetch-crl)

       -v --verbose
              Verbose mode

       -n --dryrun
              Do not actually remove any files (useful primarily with -v)

CONFIGURATION

       None.

NOTES

       This  tool  does  not check the contents of the files removed, and will
       blindly unlink any file which even remotely looks like an  OpenSSL  CRL
       file. Use with extreme caution.

SEE ALSO

       fetch-crl(8), openssl(1), http://wiki.nikhef.nl/grid/FetchCRL3

DIAGNOSTICS

       Exit  status  is  normally  0; if an error occurs, exit status is 1 and
       diagnostics will be written to standard error.

LICENSE

       Licensed under the Apache License, Version 2.0 (the "License");

       http://www.apache.org/licenses/LICENSE-2.0

BUGS

       Does not check the contents of the files removed.