Red Hat Bugzilla – Bug 623494
CRL cert "next update time" seems to be hardcoded for 24hr
Last modified: 2015-05-14 11:23:00 EDT
pinsetter.org.fedoraproject.candlepin.pinsetter.tasks.CertificateRevocationListTask.schedule = 0 0/3 * * * ?
Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha1WithRSAEncryption
Last Update: Aug 11 22:33:00 2010 GMT
Next Update: Aug 12 22:33:00 2010 GMT
X509v3 Authority Key Identifier:
X509v3 CRL Number:
Shouldnt the "Next Update:" reflect the actual setting in candlepin.conf?
Not sure if this is by design, but I wanted to double check and open a bug.
From rfc 3280:
188.8.131.52 Next Update
This field indicates the date by which the next CRL will be issued.
The next CRL could be issued before the indicated date, but it will
not be issued any later than the indicated date. CRL issuers SHOULD
issue CRLs with a nextUpdate time equal to or later than all previous
CRLs. nextUpdate may be encoded as UTCTime or GeneralizedTime.
The above behaviour is not a bug according to RFC.