logger::note( "Signing CRLs" );
for( auto& x : CAs ) {
- logger::notef( "Checking: %s ...", x.first );
-
if( !x.second->crlNeedsResign() ) {
- logger::warnf( "Skipping Resigning CRL: %s ...", x.second->name );
continue;
}
return stat( name.c_str(), &buffer ) == 0;
}
-void signOCSP( std::shared_ptr<Signer> sign, std::string profileName, std::string req, std::string crtName ) {
+void signOCSP( std::shared_ptr<Signer> sign, std::string profileName, std::string req, std::string crtName, std::string failName ) {
auto cert = std::make_shared<TBSCertificate>();
cert->ocspCA = profileName;
cert->wishFrom = "now";
std::shared_ptr<SignedCertificate> res = sign->sign( cert );
if( !res ) {
+ writeFile( failName, "failed" );
logger::error( "OCSP Cert signing failed." );
return;
}
continue;
}
+ std::string failName = "ca/" + profileName + "/ocsp.fail";
+
+ if( pathExists( failName ) ) {
+ continue;
+ }
+
logger::notef( "Discovered OCSP CSR that needs action: %s", csr );
std::string req = readFile( csr );
std::shared_ptr<X509Req> parsed = X509Req::parseCSR( req );
continue;
}
- signOCSP( sign, profileName, req, crtName );
+ signOCSP( sign, profileName, req, crtName, failName );
}
}
projects / cassiopeia.git / blobdiff