Revision f6404cad
Added by Jim Pingle almost 3 years ago
| src/usr/local/www/system_crlmanager.php | ||
|---|---|---|
| 34 | 34 |
require_once("pfsense-utils.inc");
|
| 35 | 35 |
require_once("vpn.inc");
|
| 36 | 36 |
|
| 37 |
$max_lifetime = cert_get_max_lifetime();
|
|
| 38 |
$default_lifetime = min(9999, $max_lifetime);
|
|
| 37 |
$max_lifetime = crl_get_max_lifetime();
|
|
| 38 |
$default_lifetime = min(730, $max_lifetime);
|
|
| 39 | 39 |
|
| 40 | 40 |
global $openssl_crl_status; |
| 41 | 41 |
|
| ... | ... | |
| 255 | 255 |
} |
| 256 | 256 |
|
| 257 | 257 |
if ($pconfig['method'] == "internal") {
|
| 258 |
$crl['serial'] = empty($pconfig['serial']) ? 9999 : $pconfig['serial'];
|
|
| 258 |
$crl['serial'] = empty($pconfig['serial']) ? '0' : $pconfig['serial'];
|
|
| 259 | 259 |
$crl['lifetime'] = empty($pconfig['lifetime']) ? $default_lifetime : $pconfig['lifetime']; |
| 260 | 260 |
$crl['cert'] = array(); |
| 261 | 261 |
} |
Also available in: Unified diff
CRL lifetime fixes to avoid rollover. Fixes #13424
(cherry picked from commit a3c1589086ea67d25a28ec14ab95d7fd9ab25fa2)