Hi Dalini,
Im not too deep in this issue but what about:
If the status column is "VALID" we use the "notafter" column from the database when making a validity check.
If the status was valid, but time is over, we move the status column to EXPIRED.
On the other side - I think a nightly cron job would be not so bad for several other things...
e.g. it can send a reminder when a CRL or Certs are nearly end of life. I just have to look at my "old" CA system here - as we do not issue new certs with it, I get a notice of my collegues that the crl is broken and his outlook complains because I forgot the renew it...
Oliver -- Diese Nachricht wurde digital unterschrieben oliwel's public key: http://www.oliwel.de/oliwel.crt Basiszertifikat: http://www.ldv.ei.tum.de/page72
smime.p7s
Description: S/MIME Cryptographic Signature
