diff --git a/certidude/signer.py b/certidude/signer.py index 8b7c16d..7bfd50d 100644 --- a/certidude/signer.py +++ b/certidude/signer.py @@ -129,7 +129,8 @@ class SignHandler(asynchat.async_chat): builder = x509.CertificateRevocationListBuilder( ).last_update(now - ).next_update(now + timedelta(days=1) + ).next_update( + now + timedelta(seconds=config.REVOCATION_LIST_LIFETIME) ).issuer_name(self.server.certificate.issuer ).add_extension( x509.AuthorityKeyIdentifier.from_issuer_public_key( diff --git a/certidude/templates/certidude.conf b/certidude/templates/certidude.conf index da1e348..937188c 100644 --- a/certidude/templates/certidude.conf +++ b/certidude/templates/certidude.conf @@ -61,7 +61,7 @@ database = sqlite://{{ directory }}/db.sqlite [signature] certificate lifetime = 1825 -revocation list lifetime = 1 +revocation list lifetime = 1200 certificate url = {{ certificate_url }} revoked url = {{ revoked_url }}