Kretschmer, Andreas schrieb:
I assume you are working with the "openssl ca" command. There are problems since this tool internally works with localtime to calculate the end date.Hallo,I got a problem with long living certificates. Today I created a certificate valid for 11000 days. (No Problem!). But if I generate the next certifikate with the same validation period I get "entry 1064: invalid expiry date". If I remove the last line of index.txt I am able to generate one and only one certificate again without seeing this error message. Maybe openssl cannot deal with timestamp beyond 0x80000000L? My version: OpenSSL 0.9.7e 25 Oct 2004 Thanks in advance for hints to resolve the problem,Andreas
Hope it helps. Ted ;) -- PGP Public Key Information Download complete Key from http://www.convey.de/ted/tedkey_convey.asc Key fingerprint = 31B0 E029 BCF9 6605 DAC1 B2E1 0CC8 70F4 7AFB 8D26
smime.p7s
Description: S/MIME Cryptographic Signature
