NTP is certainly the best way to go.  I don't rely on anything to keep it's own time unless it's specifically a time-keeping device or connected to one (e.g. GPS).

 - Damian

On 03/06/14 12:02, Sam Russell wrote:
Hi all,

I'm playing with mikrotiks for VPNs, and one of the "features" is that the RB750's we have don't hold time when they reboot. I'm planning to build them with NTP access (so if they can get internet then they can get time), but I'm also tempted to generate certs backdated to 1970 instead.

Is anyone else doing this? How do you get mikrotiks to validate certs if the clock keeps resetting on power off - is relying on NTP the answer?

Cheers
Sam


_______________________________________________
NZNOG mailing list
NZNOG@list.waikato.ac.nz
http://list.waikato.ac.nz/mailman/listinfo/nznog