Andrew, If you are using the makess.bat file to generate your CA cert, I would look at that and check for a param called -days in the X509 command. This also may show you why your certs are expiring. Hope that helps, Rob
-----Original Message----- From: Andrew T. Finnell [mailto:[EMAIL PROTECTED]] Sent: Monday, May 06, 2002 3:37 PM To: 'OpenSSL User' Subject: Default_crl_days We are having a problem with our certificates becoming invalid in 30 days for our custom application. I looked at the openssl.cfg file we use when creating our self-CA and certificate/key pairs and the only thing that stands out to me is default_crl_days being set to 30 days. Could someone tell me if this would explain the self-signed CA expiring? We do not do any CRL checking so why would this effect anything? Thanks. - Andrew T. Finnell Active Solutions L.L.C [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] ***************************************************************** DISCLAIMER: The information contained in this e-mail may be confidential and is intended solely for the use of the named addressee. Access, copying or re-use of the e-mail or any information contained therein by any other person is not authorized. If you are not the intended recipient please notify us immediately by returning the e-mail to the originator. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
