diff options
-rwxr-xr-x | dmvpn-ca | 3 | ||||
-rw-r--r-- | dmvpn-ca.conf | 3 |
2 files changed, 4 insertions, 2 deletions
@@ -731,7 +731,8 @@ end function get_crl() local row = select_one('expires, data', 'crl', nil, 'n') - return row and row[1] > now and x509crl.new(row[2]) or generate_crl() + return row and now < row[1] - config.crl.renewal and x509crl.new(row[2]) + or generate_crl() end diff --git a/dmvpn-ca.conf b/dmvpn-ca.conf index 15dd39a..ffe6cc6 100644 --- a/dmvpn-ca.conf +++ b/dmvpn-ca.conf @@ -18,4 +18,5 @@ hub: crl: dist-point: 'http://example.com/dmvpn-ca.crl' - lifetime: 60 + lifetime: 90 + renewal: 30 |