[Cerowrt-devel] expiring certs kill juniper routers

Maciej Soltysiak maciej at soltysiak.com
Tue Apr 1 11:42:16 EDT 2014

> 1 3 2 1 * /etc/make-webcerts.sh # regen the web certs every year feb 1 at 3am
If for some reason I fail to have my router running on that feral day
at 3am, it won't regenerate and we wait a year for the next run.
Maybe it'd be better to have a daily job to check for that in case
someone misses that key moment in a year?

Before I do anything... My copy of make-webcerts.sh has:

Perhaps it's better to put less than 60 years in there and up the bits?
3 runs at 4096 took 27, 30 and 42 seconds on my WNDR3800.

That would increase the first boot up after flashing, wouldn't it?

Best regards,

More information about the Cerowrt-devel mailing list