dogtagpki

Clone
Source Code
GIT

#1565 Updated crl config to update at a certain time - CRL is not automatically update
Closed: Invalid None Opened 8 years ago by rpattath.

Closed: Invalid
Reopen Issue

Updated crl config to update at a certain time (for example 9:25) - CRL is not
automatically update

Steps to Reproduce:

1. Update the MasterCRL issuing point using console as follows
Update CRL at 9:25
2. Issue 5 caUserCert and revoke them at around 9:00

Actual results:

CRL is not updated automatically at 9:25

Additional info:

Created attachment 1063911 in associated bug
CA debug log at 9:25

After trying this out myself, I think I have figured out what is going on for the reporter:

  1. I'm guessing there was already a schedule in place when the change was made to the schedule.
    What I find is that when you say you want the CRL to be published at say 11:00 am when it is say 10:50 AM, the following is probably true.
  • There is a variable kept in the server called mNextUpdate. In my test, this was already set to a time that has already passed like 9AM. This means that the "next update" time is going to be enforced at 9:00AM the NEXT day. The setting for 11:00 AM, will probably come into play, the day after next.

This behavior may or may not be the original intention of this design. I do not know.
If you want to simply test setting a one entry schedule for a crl publish and not have to wait 2 days for it do this:

  1. Go into the agent interface, and explicitly do a "publish now".
  2. THEN go into the console and set the one item schedule to be something in the near future.
  3. With this done, your CRL update should take place on time.

We can argue if this is a problem or not. I can see a case for when a completely new publishing schedule is created, the "next update" variable should be reset and not hold an old scheduled element.

Per IRC conversations on 8/18/2015, it was determined that this bug would be left open for future enhancement -- 10.3 (minor).

Per Bug Triage of 05/05/2016:

AI: Jack will ask for this to be retested.

Jack Magne 2016-05-05 14:46:30 EDT

Hi:

This sounds like a problem we have had previously:

What you need to do is first do an update now manually before setting your new schedule. I think what happens is your new schedule won't happen until tomorrow or some time later in the future.

Roshni 2016-05-23 15:52:07 EDT

I tried as explained in Jack's comment and it works, I see the crl is updated at the specified time.

Metadata Update from @rpattath:
- Issue set to the milestone: 10.3.3
7 years ago

Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new
issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.

This issue has been cloned to GitHub and is available here:
https://github.com/dogtagpki/pki/issues/2124

If you want to receive further updates on the issue, please navigate to the
GitHub issue and click on Subscribe button.

Thank you for understanding, and we apologize for any inconvenience.

Login to comment on this ticket.

Metadata
None
None
None
None
minor
None
None
defect
None
None
None
None
None
QE
None
None
None
None
None
None
CA
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.