Display PKI CRL from API using openssl


I want to view the PKI CRL list retrieved from Vault API using openssl as follows:

curl --insecure $VAULT_ADDR/v1/pki_int/cert/crl | jq ‘.data.certificate’ > pki_int.crl

openssl crl -text -noout -in pki_int.crl

However, I get an error from openssl which I think is due to the “\n” characters in the text.

Has anyone come accross this before?



For this purpose you’re better off using the raw CRL endpoint.

1 Like

Thanks Jeff - I will give it a try…