SSLCRLCacheLifetime, supported only on UNIX-like platforms, sets the maximum lifetime of Certificate Revocation Lists (CRLs) cached in the SSLCRLPath, expressed as a whole number of seconds. A cached CRL expires at the earlier of:
  • Its own nextUpdate value (which is the certificate's valid until date), or
  • The sum of the SSLOCSPCacheLifetime and the operating system's Last modified date/time on the cached file.

The special case of 0 means that the cache lifetime is disabled, and a CRL expires as set in its nextUpdate field. (If the CRL does not have a nextUpdate value when SSLCRLCacheLifetime=0, the CRL is not cached.)

Depending on your environment, one possible use is to set this to about 10 minutes (600 seconds). This is sufficient for an agent to complete a policy update, for example, and then refresh the cache on the next occurrence.
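The expiry rule above, worked through as an added example (not vendor code): it reads nextUpdate from a cached CRL and applies the earlier-of rule using the file's Last modified time. It assumes cached CRLs are DER-encoded and that the lifetime passed in is the configured cache lifetime in seconds; all function names and the sample CRL are constructed for illustration.

```python
import os
from datetime import datetime, timedelta, timezone

# Constructed sample CRL (DER): thisUpdate 2024-01-01, nextUpdate 2024-01-08, dummy signature
SAMPLE_CRL = bytes.fromhex(
    "30563041020101 300d06092a864886f70d01010b0500"
    "300f310d300b06035504030c0454657374 170d3234303130313030303030305a"
    "170d3234303130383030303030305a 300d06092a864886f70d01010b0500 03020000")

def _tlv(buf, pos):
    """Read one DER element; return (tag, content_start, content_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the count of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def _time(tag, raw):
    s = raw.decode("ascii")
    if tag == 0x17:  # UTCTime: two-digit year, 50-99 -> 19xx, 00-49 -> 20xx
        s = ("19" if int(s[:2]) >= 50 else "20") + s
    return datetime.strptime(s, "%Y%m%d%H%M%SZ").replace(tzinfo=timezone.utc)

def crl_next_update(der):
    """nextUpdate of a DER-encoded CRL, or None when the optional field is absent."""
    _, start, _ = _tlv(der, 0)      # CertificateList
    _, pos, end = _tlv(der, start)  # TBSCertList
    times = []
    while pos < end and len(times) < 2:
        tag, c0, c1 = _tlv(der, pos)
        if tag in (0x17, 0x18):     # thisUpdate, then the optional nextUpdate
            times.append(_time(tag, der[c0:c1]))
        elif times:                 # thisUpdate seen, next field is not a time
            break
        pos = c1
    return times[1] if len(times) == 2 else None

def cache_expiry(next_update, last_modified, lifetime):
    """Earlier of nextUpdate and last_modified + lifetime; None = not cached."""
    if lifetime == 0:               # lifetime disabled: nextUpdate alone decides
        return next_update
    cap = last_modified + timedelta(seconds=lifetime)
    # Assumption: with no nextUpdate and a non-zero lifetime, only the cap applies.
    return cap if next_update is None else min(next_update, cap)

def file_expiry(path, lifetime):
    mtime = datetime.fromtimestamp(os.stat(path).st_mtime, timezone.utc)  # Last modified
    with open(path, "rb") as f:
        return cache_expiry(crl_next_update(f.read()), mtime, lifetime)
```

For the sample CRL, a lifetime of 600 moves expiry from the seven-day nextUpdate to ten minutes after the file was last written, which bounds how stale the cached revocation data can be.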


Values / range

Zero, or a positive integer.

Default value

This default means that the certificate validity period is as specified on the certificate itself.

Example values


Command line


Inventory component (ndtrack), installation component (ndlaunch), and upload component (ndupload)


-o SSLCRLCacheLifetime=600


Installed by

Code internals, or manual configuration

Computer preference

[Registry]\ManageSoft\Common or [Registry]\ManageSoft\<Agent>\CurrentVersion where <Agent> is the registry key for an individual agent

