OK, I just checked it out. for -S, there is a -v which is the # of months for it to be valid.
Thanks man! :-) Eric Ian McGreer wrote: > Eric Murphy wrote: > >> Is there a way to set the expiration date for signtool? Right now it >> is only 4 months from the time of creation. >> >> Also, what does the -z option mean? The certificate never expires? >> >> I'm trying to avoid actually paying for a certificate... and just have >> users install a certificate off the website. >> >> Thanks, >> Eric >> > > It does not look like it is possible to set the expiration date of the > generated certificate with signtool. You should use certutil, which is > a much more powerful (dare I say) tool for creating certs. > > Both tools are documented at > http://www.mozilla.org/projects/security/pki/nss/tools/ > > The simplest way to create certs is to use certutil -S. > > The -z option affects the time used in the signature, not in the > creation of a certificate. > > -Ian > >
