> They typically should be; I think the default is to make the starting time > the current time. How are you creating them? > > At 09:29 AM 6/17/2004, you wrote: >>i understand now, i apologize. my certificates don't become valid till >> the >>next day. i thought they became valid as soon as they were signed. the >>timestamps don't match up, you are right. my apologies. > i'm creating them with these three commands:
matthew@biochem:~/ca$ openssl req -new -keyout <filename_key.pem> -out <filename_req.pem> -days 360 -config openssl.cnf matthew@biochem:~/ca$ cat <filename_key.pem> <filename_req.pem> > <filename.pem> matthew@biochem:~/ca$ openssl ca -out <filename_cert.pem> -config openssl2.cnf -infiles <filname.pem>
