SSLCRLCacheLifetime
IT Asset Management
(Cloud)
Command line | Registry
SSLCRLCacheLifetime
, supported only for UNIX-like
platforms, sets the maximum lifetime of certificate Revocation Lists (CRLs) cached in the
SSLCRLPath, expressed as a whole number of seconds. A cached
CRL is expired on the earlier of:- Its own
nextUpdate
value (which is the certificate's valid until date), or - The sum of the
SSLOCSPCacheLifetime
and the operating system'sLast modified
date/time on the cached file.
The special case of 0
means that the cache lifetime is disabled, and a CRL
expires as set in its nextUpdate
field. (If the CRL does not have any
nextUpdate
value when the SSLCRLCacheLifetime=0
, the CRL
is not cached.)
Depending on your environment, one possible use is to set this to about 10 minutes (600 seconds). This is sufficient for an agent to complete a policy update, for example, and then refresh the cache on the next occurrence.
Values
Values / range |
Zero, or a positive integer. |
Default value |
|
Example values |
|
Command line
Tool |
Inventory component (ndtrack), and upload component (ndupload) |
Example |
|
Registry
Installed by |
Code internals, or manual configuration |
Computer preference |
[Registry]\ManageSoft\Common or
[Registry]\ManageSoft\<Component>\CurrentVersion
where <Component> is the registry key for an
individual component (Tracker , or Uploader ) |
IT Asset Management (Cloud)
Current