The Distribution Point (DP) service in Protocol Gateway is used to allow for retrieval of CRLs, CILs and CA certificates for external applications without authentication. This allows external services to verify which certificates are still valid according to the CM system and retrieving the certificate chain.

The standard configuration supports the following endpoints:

• crl/<crl-name> - Retrieves the CRL by the configured cxlprocedure
• cil/<cil-name> - Retrieves the CIL by the configured cxlprocedure
• ca/<ca-name> - Retrieves the CA certificate by the configured ca

For the crl and cil endpoints, the crl-name represents both the desired file name and parts of the retrieval URL. The cxlprocedure is the procedure name in the Administrator's workbench (AWB) in Certificate Manager. Both must be defined in dp.properties.

For the ca endpoint, the ca-name represents both the desired file name and parts of the retrieval URL. The ca parameter is the name of the CA as specified in the Administrator's workbench (AWB) in Certificate Manager. Both must be defined in dp.properties.