@ -794,14 +794,13 @@ func (a *Authority) startCRLGenerator() error {
go func() {
for {
select {
case <-a.crlTicker.C:
log.Println("Regenerating CRL")
err := a.GenerateCertificateRevocationList()
if err != nil {
log.Printf("ERROR: authority.crlGenerator encountered an error when regenerating the CRL: %v", err)
}
<-a.crlTicker.C
}()
@ -549,6 +549,9 @@ func (a *Authority) Revoke(ctx context.Context, revokeOpts *RevokeOptions) error
// Save as revoked in the Db.
err = a.revoke(revokedCert, rci)
return errs.Wrap(http.StatusInternalServerError, err, "authority.Revoke", opts...)
// Generate a new CRL so CRL requesters will always get an up-to-date CRL whenever they request it
err = a.GenerateCertificateRevocationList()
@ -3,8 +3,8 @@ package softcas
import (
"context"
"crypto"
"crypto/rsa"
"crypto/rand"
"crypto/x509"
"time"