[Cerowrt-devel] expiring certs kill juniper routers
maciej at soltysiak.com
Tue Apr 1 11:42:16 EDT 2014
> 1 3 2 1 * /etc/make-webcerts.sh # regen the web certs every year feb 1 at 3am
If for some reason I fail to have my router running on that feral day
at 3am, it won't regenerate and we wait a year for the next run.
Maybe it'd be better to have a daily job to check for that in case
someone misses that key moment in a year?
Before I do anything... My copy of make-webcerts.sh has:
Perhaps it's better to put less than 60 years in there and up the bits?
3 runs at 4096 took 27, 30 and 42 seconds on my WNDR3800.
That would increase the first boot up after flashing, wouldn't it?
More information about the Cerowrt-devel