diff options
author | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2018-09-01 23:34:06 +0300 |
---|---|---|
committer | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2018-09-01 23:39:55 +0300 |
commit | a441bae6263c71d514bcecd970f45345bfea2080 (patch) | |
tree | 879a348dc141b7479921583097743b5e80b93c31 | |
parent | da410f2d0e3a67f1960e08e04142856cb84d5ba0 (diff) | |
download | dmvpn-tools-0.4.1.tar.bz2 dmvpn-tools-0.4.1.tar.xz |
dmvpn-ca: issue new CRL before expiryv0.4.1
-rwxr-xr-x | dmvpn-ca | 3 | ||||
-rw-r--r-- | dmvpn-ca.conf | 3 |
2 files changed, 4 insertions, 2 deletions
@@ -731,7 +731,8 @@ end function get_crl() local row = select_one('expires, data', 'crl', nil, 'n') - return row and row[1] > now and x509crl.new(row[2]) or generate_crl() + return row and now < row[1] - config.crl.renewal and x509crl.new(row[2]) + or generate_crl() end diff --git a/dmvpn-ca.conf b/dmvpn-ca.conf index 15dd39a..ffe6cc6 100644 --- a/dmvpn-ca.conf +++ b/dmvpn-ca.conf @@ -18,4 +18,5 @@ hub: crl: dist-point: 'http://example.com/dmvpn-ca.crl' - lifetime: 60 + lifetime: 90 + renewal: 30 |