clean-crl - remove orphaned CRL like files from a certificate directory

       Does not check the contents of the files removed.

Trust Anchor Utilities                                local                                         CLEAN-CRL(8)

       None.

       The  clean-crl  utility will remove CRL like files named hash.rn from the directory specified with the -l
       option if there is no corresponding .n file in the same.  In effect, if the directory is solely  used  to
       hold  CA  certificates  in  the  common  OpenSSL  format,  it  will  thus  remove CRL files for which the
       corresponding CA does  not or no longer exists in the directory.

       Exit status is normally 0; if an error occurs, exit status is  1  and  diagnostics  will  be  written  to
       standard error.

       Licensed under the Apache License, Version 2.0 (the "License");

       http://www.apache.org/licenses/LICENSE-2.0

       clean-crl - remove orphaned CRL like files from a certificate directory

       This  tool  does not check the contents of the files removed, and will blindly unlink any file which even
       remotely looks like an OpenSSL CRL file. Use with extreme caution.

-h--help
              Show help text.

       -l--cadirmetadata-directory
              The script will search this directory for files with the suffix .ri.  There  is  no  default  -  a
              common choice is /etc/pki/tls/certs, /etc/openldap/cacerts, or /etc/grid-security/certificates.

       -V--version
              Display version number (same as corresponding fetch-crl)

       -v--verbose
              Verbose mode

       -n--dryrun
              Do not actually remove any files (useful primarily with -v)

fetch-crl(8), openssl(1), http://wiki.nikhef.nl/grid/FetchCRL3

clean-crl [-lcrlpath] [-v] [-V] [-n] [-h]