I was playing around with openssl and found a minor bug which makes possible to
put the end date before the start date. This happend by creating a certificate
using
openssl ca -selfsign -batch -startdate 000101000000Z -enddate 991231235959Z -...
The certificate will start at 1. Jan. 2000 and end at 31. Dec. 1999.
openssl version
OpenSSL 1.0.1f 6 Jan 2014
Certificate Details:
...
Validity
Not Before: Jan 1 00:00:00 2000 GMT
Not After : Dec 31 23:59:59 1999 GMT
...
Certificate ist o be certified until Dec 31 23:59:59 1888 GMT (36523 days)
I know, these values are not real, but there is still a bug to be fixed. (It
looks like there is no validation between start and end)
And by the way, can you please implement YYYY format?
Greetings
Michael S.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
