// Check that there is a valid CRL in the DB right now. If it doesn't exist
// Check that there is a valid CRL in the DB right now. If it doesn't exist
// or is expired, generate one now
// or is expired, generate one now
_,ok:=a.db.(db.CertificateRevocationListDB)
_,ok:=a.db.(db.CertificateRevocationListDB)
@ -811,11 +826,6 @@ func (a *Authority) startCRLGenerator() error {
returnerrors.Wrap(err,"could not generate a CRL")
returnerrors.Wrap(err,"could not generate a CRL")
}
}
log.Printf("CRL will be auto-generated every %v",a.config.CRL.CacheDuration)
tickerDuration:=a.config.CRL.CacheDuration.Duration-time.Minute// generate the new CRL 1 minute before it expires
iftickerDuration<=0{
panic(fmt.Sprintf("ERROR: Addition of jitter to CRL generation time %v creates a negative duration (%v). Use a CRL generation time of longer than 1 minute.",a.config.CRL.CacheDuration,tickerDuration))
}
a.crlTicker=time.NewTicker(tickerDuration)
a.crlTicker=time.NewTicker(tickerDuration)
gofunc(){
gofunc(){
@ -832,3 +842,14 @@ func (a *Authority) startCRLGenerator() error {