Installing Certificate Revocation Lists 
Certificate Revocation List files (CRLs) provided by a Certification Authority (CA) identify credentials, that can no longer be trusted. CRLs prevent you from applying a digital signature that is no longer valid, and let you know when digital signatures on incoming documents are invalid. CRLs should be updated on a regular basis (for example, daily or weekly).
They are identified by the CRL distribution point (CRLdp), which is specified as a URL in the certificate itself. The following values must be specified when you install the CRL:
CRL Value |
Description |
|---|---|
URL |
Must match the URL found in the CRLdp field of the certificate |
Filename |
The file name of the CRL |
Caution
If you do not specify a URL/file name combination, the server does not have access to CRLs so that signatures chaining off that Trusted Anchor are considered invalid. However, if the certificate does not contain a CRLdp field to identify a URL for its CRLs, revocation checking cannot be performed and the server will consider the signatures as always valid.
For releases lower than SAP NetWeaver 7.31 SPS 07 ADS does not support a base64 encoded format. The CRL file format must be in binary format. There is no limitation for releases SAP NetWeaver 7.31 SPS 07 or higher.
Procedure
Start the SAP NetWeaver Administrator via the address http://<server>:<port>/nwa.
<server>: AS Java where the ADS are installed
<port>: HTTP port of the AS Java
Choose
Configuration 
Infrastructure Adobe Document Services 
.Select Certificate Revocation Lists from the Show dropdown menu and choose Manage CRL Files.
Choose Add New File.
Browse the CRL File and choose Upload.
Select Certificate Revocation Lists from the Show dropdown menu and choose Add New Object.
Specify the URL of the CRL you installed.
In the CRL File field, choose the name of the CRL file, and save.