I have the same problem and I have 365 in there:
default_days = 365 Could it be that an empty line, like below, causes it to be ignored? [ exampleca ] dir = E:\src_apache2\chucks_build_notes\development_ca\viega certificate = $dir\cacert.pem database = $dir\index.txt new_certs_dir = $dir\certs private_key = $dir\private\cakey.pem serial = $dir\serial default_crl_days = 7 default_days = 365 default_md = sha1 policy = exampleca_policy x509_extensions = certificate_extensions Thanks Chuck -----Original Message----- From: George Theall [mailto:[EMAIL PROTECTED] Sent: Saturday, June 12, 2004 5:35 PM To: [EMAIL PROTECTED] Subject: Re: cert expires - crl days On Sun, Jun 13, 2004 at 10:21:30AM +1200, Sigi Kirchmair wrote: > I followed the instructions and generated a cert usung opnssl. > It worked fine but after 30 days the cert expired. > > Now I gueessed that the reason was in the openssl.conf files line: > > default_crl_days = 30 # how long before next CRL The parameter "default_days" specifies how many days certificates last by default; that's what you want to change. "default_crl_days" refers to the Certificate Revocation List (CRL). You probably want to leave that short, like 30 days. George -- [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
