What is "default_days" set to in your openssl.cnf file? _________________________________________________________________
Mark Annal e-mail: [EMAIL PROTECTED] TARGUSinfo phone : (585) 598-7011 255 Woodcliff Drive fax : (585) 598-7001 Fairport, NY 14450 web : www.targusinfo.com _________________________________________________________________ -----Original Message----- From: Jonathan Augenstine [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 20, 2002 12:03 PM To: [EMAIL PROTECTED] Subject: Certificate generation I am looking for some help on certificate generation. I have been successful in generating a certificate, however, I seem to be unable to generate a certificate with anything more than a 30 day lifespan. I have put the script I use to generate the certificate below. #!/bin/bash ######### # # Generate a certificate # ######### OPENSSL=/usr/local/ssl/bin/openssl ##This generates the cert and key $OPENSSL req -new -x509 -newkey rsa:1024 -keyout privkey.pem -out key.pem ## This will remove the passphrase $OPENSSL rsa -in privkey.pem -out privkey.pem ## Put it all together cat privkey.pem >> key.pem ## Cleanup rm privkey.pem I also changed the following line in 'openssl.cnf' : default_crl_days = 30 to default_crl_days = 365 To no avail. I still get a certificate that times out in 30 days. Can someone tell me what I am doing wrong? Thanks for any help. Jonathan [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
