(Maint) Make a CRL valid on the same second it is updated
15a9fb76096eUnpublished
Actions

Unpublished Commit · Learn More

Repository Importing: This repository is still importing.

Description

(Maint) Make a CRL valid on the same second it is updated

Because openSSL says that a CRL is valid only at least one second after
it was last updated, setting the last_updated field to right now causes
the CRL to be not valid for one second. This was showing up as an
intermittent failure in our test cases.

The CRL is now always made to be last_updated one second ago so that it
is immediately valid.

Details

Provenance

Andrew Parker <andy@puppetlabs.com>	Authored on
vanmeeuwen	Pushed on Jun 2 2015, 2:22 PM

Parents

rPU905a947c1e95: (Maint) Clarify flow of CRL generation and update

Branches

Unknown

Tags

Unknown

Event Timeline

Andrew Parker <andy@puppetlabs.com> committed rPU15a9fb76096e: (Maint) Make a CRL valid on the same second it is updated (authored by Andrew Parker <andy@puppetlabs.com>).Jun 27 2012, 1:35 AM

Changes (2)

Path

Size

lib/

puppet/

ssl/

certificate_revocation_list.rb

spec/

unit/

ssl/

certificate_revocation_list_spec.rb

rPU15a9fb76096e

View Options

lib/puppet/ssl/certificate_revocation_list.rb