Martin Kosek wrote:
On 11/10/2015 10:59 PM, Fraser Tweedale wrote:
On Tue, Nov 10, 2015 at 07:02:42PM +0100, Natxo Asenjo wrote:
do we need to keep all the MasterCRL-YYYYMMDD-HHMMSS.der files or can we
purge them on a regular basis (say, keep 60 days dump the rest)?
$ ls -l | wc -l
this is in a server installed 3 years ago.
You can purge them. I am not sure why we keep the old ones around;
can someone fill me in?
This was not touched loong ago. CCing Rob in case he has an idea, but if
not - you are probably the best person to improve it :-)
I don't know if I considered this at all back in the day but I agree it
is probably up to dogtag to prune this directory. The files to keep
should be based on the generation schedule. I can't think of any value
an older CRL might provide though perhaps that should be configurable too.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project