Commit 5061c6e5 authored by Leigh B. Stoller's avatar Leigh B. Stoller
Browse files

Do not delete certificates when user is deleted; set them to be

revoked so that the CRL generation will add them to the CRL. They will
be pruned by the nightly dbcheck.
parent e1e60cfc
......@@ -583,7 +583,14 @@ sub Purge($)
or return -1;
DBQueryWarn("delete from user_sfskeys where uid_idx='$uid_idx'")
or return -1;
DBQueryWarn("delete from user_sslcerts where uid_idx='$uid_idx'")
# Do not delete certs; we need them around so we can generte the CRLS.
# Just set the revoked flag for them. At some point we need to prune
# the table.
DBQueryWarn("update user_sslcerts set revoked=now() ".
"where uid_idx='$uid_idx' and revoked is null")
or return -1;
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment