...
| Code Block | ||
|---|---|---|
| ||
# /etcusr/init.dsbin/atdservice stop atd.service |
Löschen der CRL-AT-Jobs
| Code Block | ||
|---|---|---|
| ||
# /var/install/bin/certs-update-crl --deletejobs |
...
| Code Block | ||
|---|---|---|
| ||
# /etcusr/init.dsbin/atdservice start atd.service |
Zusammenfassung aller Schritte
| Code Block | ||
|---|---|---|
| ||
# /etcusr/init.dsbin/atdservice stop atd.service # /var/install/bin/certs-update-crl --deletejobs # cd /var/certs/ssl/crl # rm * # cd .. # cp certs-update-crl-list.std certs-update-crl-list # /var/install/bin/certs-create-tls-certs crl # /var/install/bin/certs-update-crl --all # /etcusr/init.dsbin/atdservice start atd.service |
Skriptvorschlag zur automatischen CRL-Bereinigung
...
| Code Block | ||
|---|---|---|
| ||
#!/bin/sh # CRL_cleanup atdrunning=no (/etcusr/init.dsbin/atdservice status atd.service | grep "is(running) runningsince") && atdrunning=yes if [ "${atdrunning}" = "yes" ] then /etcusr/init.dsbin/atdservice stop atd.service fi hostname=$(hostname -f) echo | /var/install/bin/certs-update-crl --deletejobs echo cd /var/certs/ssl/crl crls=$(ls) for f in ${crls} do if echo ${f} | grep -vq "^${hostname}" then rm ${f} fi done cd .. cp certs-update-crl-list.std certs-update-crl-list echo | /var/install/bin/certs-update-crl --all echo if [ "${atdrunning}" = "yes" ] then /etcusr/init.dsbin/atdservice start atd.service fi |