Try this: $OPENSSL req -new -x509 -newkey rsa:1024 -keyout privkey.pem -out key.pem -days 365
Thanx Himanshu Soni -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jonathan Augenstine Sent: Tuesday, August 20, 2002 9:03 AM To: [EMAIL PROTECTED] Subject: Certificate generation I am looking for some help on certificate generation. I have been successful in generating a certificate, however, I seem to be unable to generate a certificate with anything more than a 30 day lifespan. I have put the script I use to generate the certificate below. #!/bin/bash ######### # # Generate a certificate # ######### OPENSSL=/usr/local/ssl/bin/openssl ##This generates the cert and key $OPENSSL req -new -x509 -newkey rsa:1024 -keyout privkey.pem -out key.pem ## This will remove the passphrase $OPENSSL rsa -in privkey.pem -out privkey.pem ## Put it all together cat privkey.pem >> key.pem ## Cleanup rm privkey.pem I also changed the following line in 'openssl.cnf' : default_crl_days = 30 to default_crl_days = 365 To no avail. I still get a certificate that times out in 30 days. Can someone tell me what I am doing wrong? Thanks for any help. Jonathan [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
