Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
Mirror a CRL, and use the "This update" field as the file's mod-time
curl http://site.com/file.crl -o /var/www/file.crl
lastmod=`openssl crl -inform DER -text -noout -in /var/www/file.crl | grep "Last Update" | awk '{ print "date -d \""$3FS$4FS$5FS$6"\" +%Y%m%d%H%M" }' | bash`
touch -mt $lastmod /var/www/file.crl
Owner

rpunt commented Jul 17, 2015

Assuming your CRLs regenerate on a fixed schedule, you can then set expires header for this MIME type to the appropriate interval. Nginx, for example:

expires modified +2d23h59m;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment