Age | Commit message (Collapse) | Author | Files | Lines |
|
Checking the root's mail (/var/mail/root) I finally saw the root cause
of the CRL cronjob not working.
/bin/sh: curl: command not found
now, curl, (and most commands used by that cronjob) is in the /bin bash,
so we need to add it to the environment's PATH for the cronjob.
Change-Id: If10855b801782eeaf2006cd57071d74d13daf8c2
Closes-Bug: #1712404
(cherry picked from commit 139ac85028947f476a085e89bd54f3dfacd886cf)
|
|
Without it, it doesn't reload the services it should.
Change-Id: I43e6188700deb585f905ca700e69b6875f0ded45
Closes-Bug: #1712404
|
|
The default CA issues CRLs for 4 hours by default. So we need to change
these values to reflect this, else we'll get verification issues due to
the CRL having expired before its refreshed.
However, the nextupdate value for the CRLs might not be aligned with the
cron job. And getting this alignment is not entirely trivial. So I opted
for updating every 2 hours to address this.
Change-Id: I732b400462c5cabd7c6c18c007fc9e8c87b700d3
|
|
This will fetch the CRL file from the specified file or URL. Furtherly
it will set up a cron job to refresh the crl file once a week and notify
the needed services.
bp tls-via-certmonger
Change-Id: I38e163e8ebb80ea5f79cfb8df44a71fdcd284e04
|