SSLCRLCacheLifetime
Command line | Registry
SSLCRLCacheLifetime
, supported only for UNIX-like
platforms, sets the maximum lifetime of certificate Revocation Lists (CRLs) cached in the
SSLCRLPath, expressed as a whole number of seconds. A cached
CRL is expired on the earlier of:- Its own
nextUpdate
value (which is the certificate's valid until date), or - The sum of the
SSLOCSPCacheLifetime
and the operating system'sLast modified
date/time on the cached file.
The special case of 0
means that the cache lifetime is disabled, and a CRL
expires as set in its nextUpdate
field. (If the CRL does not have any
nextUpdate
value when the SSLCRLCacheLifetime=0
, the CRL
is not cached.)
Depending on your environment, one possible use is to set this to about 10 minutes (600 seconds). This is sufficient for an agent to complete a policy update, for example, and then refresh the cache on the next occurrence.
Values
Values / range |
Zero, or a positive integer. |
Default value |
|
Example values |
|
Command line
Tool |
Inventory component (ndtrack), installation component (ndlaunch), and upload component (ndupload) |
Example |
|
Registry
Installed by |
Code internals, or manual configuration |
Computer preference |
|
FlexNet Manager Suite (On-Premises)
2020 R1