Re: Key.pme expiration problem

Thu, 06 Nov 2008 09:30:44 -0800 

Ajeet,
Thanks for your reply, however I'm not sure I understand. I'm not a programmer, I'm just trying to use my certificates and keys. Can you give me a more newbie example of how to check the time function? 

Thanks,
Rick

Ajeet kumar.S wrote:

Please check time function gtime()or gtime_r() return some time that is
going to compare certificate time before and after time. Then it will return

expire or going to expire. Please check it. 

 


Thank you.

Regards,

--Ajeet  Kumar  Singh


 


Sarve Bhavantu Sukhina ,Sarve Santu NiramayaSarve Bhadrani Pashyantu , Maa

Kaschit Dukha Bhagh Bhavet 

 


-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rick Knight
Sent: Thursday, November 06, 2008 12:34 AM
To: openssl-users@openssl.org
Subject: Key.pme expiration problem

Hello,


Yesterday I created a new certificate request for use with Sendmail and 
STARTTLS. I signed the request with my existing CA. This morning I'm 
getting messages from certwatch say the key and cert are expired or are 
going to expire in less than 7 days. My CA is good till December 2010, 
and the request is good untill November  2009. When I run certwatch I 
get these errors...


unable to load certificate

5143:error:0906D06C:PEM routines:PEM_read_bio:no start 
line:pem_lib.c:647:Expecting: TRUSTED CERTIFICATE

date: invalid date `+%s'
unable to load certificate

5173:error:0906D06C:PEM routines:PEM_read_bio:no start 
line:pem_lib.c:647:Expecting: TRUSTED CERTIFICATE

date: invalid date `+%s'
unable to load certificate

5203:error:0906D06C:PEM routines:PEM_read_bio:no start 
line:pem_lib.c:647:Expecting: TRUSTED CERTIFICATE

date: invalid date `+%s'
unable to load certificate

5235:error:0906D06C:PEM routines:PEM_read_bio:no start 
line:pem_lib.c:647:Expecting: TRUSTED CERTIFICATE

date: invalid date `+%s'
unable to load certificate

5260:error:0906D06C:PEM routines:PEM_read_bio:no start 
line:pem_lib.c:647:Expecting: TRUSTED CERTIFICATE

date: invalid date `+%s'


I have 5 files (3 certs and 2 keys) in /etc/mail/certs where certwatch 
is watching and they all give this error. Only 1 cert and key is from 
yesterday. The other 3 have been there for almost a year.



Is there a way to check the date on the key files to verify that they 
are expiring. Is the error above causing the problem?


Thanks,
Rick
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

  


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]






















					Reply via email to