That is great news, Dr. Hensen.
In our test with openssl 0.9.7e, the behavior of certificate expiration
date calculation does not seem to be consistent across different OS.
For instance, when we use openssl to generate pem files on Windows and
MacOS X with system time set beyond 2012, we get different
expiration dates if we specify the 'default_days' to 9999 but do not
specify 'default_enddate' in the config file.
The Windows certificate contains proper expiration date while the MacOS
certificate wraps the certicate expiration date back to 1900.
Hopefully your fix will make the behavior consistent as well.
Alex
Dr. Stephen Henson wrote:
To those interested in the year 2038 issues....
I've just added some experimental code to HEAD (which will be OpenSSL 0.9.9).
This should make sensible things happen when longer expiry dates are used
during certificate creation.
Let me know of any issues.
At some point this could be backported.
Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
