mirror of
https://github.com/laurivosandi/certidude
synced 2024-12-23 00:25:18 +00:00
Reduce default CRL lifetime to 20min
This commit is contained in:
parent
6de010a411
commit
d8f1e36ecf
@ -129,7 +129,8 @@ class SignHandler(asynchat.async_chat):
|
|||||||
|
|
||||||
builder = x509.CertificateRevocationListBuilder(
|
builder = x509.CertificateRevocationListBuilder(
|
||||||
).last_update(now
|
).last_update(now
|
||||||
).next_update(now + timedelta(days=1)
|
).next_update(
|
||||||
|
now + timedelta(seconds=config.REVOCATION_LIST_LIFETIME)
|
||||||
).issuer_name(self.server.certificate.issuer
|
).issuer_name(self.server.certificate.issuer
|
||||||
).add_extension(
|
).add_extension(
|
||||||
x509.AuthorityKeyIdentifier.from_issuer_public_key(
|
x509.AuthorityKeyIdentifier.from_issuer_public_key(
|
||||||
|
@ -61,7 +61,7 @@ database = sqlite://{{ directory }}/db.sqlite
|
|||||||
|
|
||||||
[signature]
|
[signature]
|
||||||
certificate lifetime = 1825
|
certificate lifetime = 1825
|
||||||
revocation list lifetime = 1
|
revocation list lifetime = 1200
|
||||||
certificate url = {{ certificate_url }}
|
certificate url = {{ certificate_url }}
|
||||||
revoked url = {{ revoked_url }}
|
revoked url = {{ revoked_url }}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user