lauri/certidude
1
0
Fork 0
mirror of https://github.com/laurivosandi/certidude synced 2025-10-31 17:39:12 +00:00
Code Issues Activity

Reduce default CRL lifetime to 20min

Browse Source
This commit is contained in:
Lauri Võsandi
2016-03-29 15:17:44 +03:00
parent 6de010a411
commit d8f1e36ecf
2 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
certidude/signer.py
View File

@@ -129,7 +129,8 @@ class SignHandler(asynchat.async_chat):
builder = x509.CertificateRevocationListBuilder( builder = x509.CertificateRevocationListBuilder(
).last_update(now ).last_update(now
).next_update(now + timedelta(days=1) ).next_update(
now + timedelta(seconds=config.REVOCATION_LIST_LIFETIME)
).issuer_name(self.server.certificate.issuer ).issuer_name(self.server.certificate.issuer
).add_extension( ).add_extension(
x509.AuthorityKeyIdentifier.from_issuer_public_key( x509.AuthorityKeyIdentifier.from_issuer_public_key(

2
certidude/templates/certidude.conf
View File

@@ -61,7 +61,7 @@ database = sqlite://{{ directory }}/db.sqlite
[signature] [signature]
certificate lifetime = 1825 certificate lifetime = 1825
revocation list lifetime = 1 revocation list lifetime = 1200
certificate url = {{ certificate_url }} certificate url = {{ certificate_url }}
revoked url = {{ revoked_url }} revoked url = {{ revoked_url }}