Skip to content

Commit

Permalink
[doc] cert-staple.sh check staple newer than cert
Browse files Browse the repository at this point in the history 
(thx avij)
  • Loading branch information
@gstrauss
gstrauss committed Jan 13, 2024
1 parent 9fa0651 commit f6c6c2d
Showing 1 changed file with 4 additions and 1 deletion.
5 changes: 4 additions & 1 deletion doc/scripts/cert-staple.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,8 +24,11 @@ errexit() {
}

# short-circuit if Next Update is > $next_delta in the future
# and the stapling file is newer than the certificate and the chain
next_ts=$(readlink "$OCSP_DER" 2>/dev/null)
if [ -n "$next_ts" ]; then
if [ -n "$next_ts" ] && \
[ "$OCSP_DER" -nt "$CERT_PEM" ] && \
[ "$OCSP_DER" -nt "$CHAIN_PEM" ]; then
next_ts="${next_ts##*.}"
ts=$(date +%s)
ts=$(( $ts + $next_delta ))
Expand Down

0 comments on commit f6c6c2d

Please sign in to comment.