Skip to content
  • Leigh B. Stoller's avatar
    Fixes to make sure the certificates are really good for three years. · 6305e238
    Leigh B. Stoller authored
    So, the length of time is set in the .cnf file when signing a cert
    with the CA. However, the length of time the CA is good for is not set
    in the .cnf file (the entry is ignored). Rather, it has to be on the
    command line. So, the certs really were good for 3 years; it was the
    CA that had expired, and once that happens the certs are no longer any
    good. Very bogus.
    6305e238