Hello all,
I'd like to ask you a question. When I sign a CSR I need to especify
not only the expiration days, also the hours, minutes and seconds.
For example:
* I have a PCA which is valid not after Sep 7 10:59:57 2000 GMT
* today is Sep 8 at 17:57:15
* if I sign a CSR in that moment and I specify the -days option
(365 days) the certificate I obtain will be valid until
Sep 7 17:57:15 2000
This is incorrect since I do not want to generate certificates with an
expiration date greater than the signing-PCA one.
In the list, I have read it could be solved in the version 0.9.4 of
openssl, but I am using this version and I think
there is no arguments in the "ca" option which allow the user to specify
the whole expiration date including hours, minutes and seconds.
Any suggestions will be welcomed.
Regards,
Chelo Malagón
--
Chelo Malagon Poyato E-mail: [EMAIL PROTECTED]
RedIRIS/CSIC Tel: +34 91 585 49 01
Serrano 142 Fax: +34 91 585 51 46
E-28006 Madrid
SPAIN
Servicio de Seguridad, IRIS-CERT
Claves PGP http://www.rediris.es/cert/keys.es.html
Key FINGERPRINT = 99 89 45 AB 66 74 B1 9F CE 3D D9 2C 40 69 8E 52
_ Red Academica y de Investigación Espańola (http://www.rediris.es) _
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
