In order to myproxy service to generate the proxy certificates is necessary trusted CA certificates in /etc/grid-security/certificates folder, the CA certificate hash, signing policy and the crl certificate and some oders. I obtained those needed files, creating a CA through command line ( openssl way ) giving it a validity period of a year. I created the crl file for this CA the same way, but, with the same validity period, cause I didn'nt want to have problem with the "invalid" crl problem.
But now I want my system supports the revocation of users certicates and that means if I revoque a user with my CA, myproxy should know it and consequently wouldn't generate a credential for it, the next myproxy-init. The way to do this is lowering the validity of the crl (.r0) file less than a hour and updating the crl within a period of time ( less than a hour or so ), using system tools like cron, but my question is if there some myproxy tool that may do this...
