From 097d3fe90f0e242ecebd1a9bf9b06d6397bf3789 Mon Sep 17 00:00:00 2001
From: Erich Eckner <git@eckner.net>
Date: Thu, 29 Aug 2019 14:23:22 +0200
Subject: make min duration configurable for ca and endpoint certificates

---
 sign-ca.in | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'sign-ca.in')

diff --git a/sign-ca.in b/sign-ca.in
index 9752464..8d2f4b2 100755
--- a/sign-ca.in
+++ b/sign-ca.in
@@ -17,9 +17,9 @@ fi
 
 if [ -f "${key_dir}/${ca_name}.key.new" ] \
 && [ -f "${key_dir}/${ca_name}.crt.new" ]; then
-  if [ "$(stat -c%Y "${key_dir}/${ca_name}.key.new")" -lt "$(($(date +%s)-60*60*24*30))" ] \
+  if [ "$(stat -c%Y "${key_dir}/${ca_name}.key.new")" -lt "$(($(date +%s)-60*60*24*ca_min_duration))" ] \
   || [ ! -f "${key_dir}/${ca_name}.key" ] \
-  || [ "$(stat -c%Y "${key_dir}/${ca_name}.crt.new")" -lt "$(($(date +%s)-60*60*24*30))" ] \
+  || [ "$(stat -c%Y "${key_dir}/${ca_name}.crt.new")" -lt "$(($(date +%s)-60*60*24*ca_min_duration))" ] \
   || [ ! -f "${key_dir}/${ca_name}.crt" ]; then
     mv "${key_dir}/${ca_name}.key"{.new,}
     mv "${key_dir}/${ca_name}.crt"{.new,}
-- 
cgit v1.2.3-54-g00ecf