Hello. I am posting this message again. Can someone help me over this. I am trying to create certificate using "req" command as follows,
1) First generated the cert request, > openssl req -newkey rsa:1024 -config openssl.cnf -out xyz_careq.pem 2) Then generated the certificate as follows, openssl x509 -req -in xyz_careq.pem -extfile openssl.cnf -extensions req_extensions -signkey privatekey.pem -out xyz_cert.pem 3)When I see the expiry dates it shows as follows, openssl x509 -subject -issuer -dates -noout -in xyz_cert.pem subject= /C=US/O=XYZ/OU=XYZ Engineering Certification Authority/ST=KANSAS/L=Wichita/CN=XYZ Engineering CA/[EMAIL PROTECTED] issuer= /C=US/O=XYZ/OU=XYZ Engineering Certification Authority/ST=KANSAS/L=Wichita/CN=XYZ Engineering CA/Email=----- notBefore=Feb 28 14:21:54 2005 GMT notAfter=Mar 30 14:21:54 2005 GMT Why is this happening? The certificate is generated fine with the x509 and -days 365 option. Can someone help me on this. Sanjay Acharya Wichita State University ---THE openssl.cnf FILE--- RANDFILE = $ENV::HOME/project/.rnd [ ca ] default_ca = my_ca_default [ my_ca_default ] dir = $ENV::HOME/project certs = $dir/certs crl_dir = $dir/crl database = $dir/index.txt new_certs_dir = $dir/newcerts certificate = $dir/cacert.pem serial = $dir/serial crl = $dir/crl.pem private_key = $dir/private/cakey.pem RANDFILE = $dir/private/.rand default_days = 365 default_crl_days = 1 default_md = sha1 x509_extensions = usr_cert policy = my_policy [ my_policy ] countryName = match stateOrProvinceName = match organizationName = match organizationalUnitName = supplied commonName = supplied emailAddress = supplied [ usr_cert ] basicConstraints=CA:false [ req ] default_bits = 2048 default_md = sha1 default_keyfile = privatekey.pem prompt = no distinguished_name = req_distinguished_name x509_extensions = req_extensions [ req_distinguished_name ] countryName = US organizationName = XYZ organizationalUnitName = XYZ Engineering Certification Authority stateOrProvinceName = KANSAS localityName = Wichita commonName = XYZ Engineering CA emailAddress = --- [ req_extensions ] basicConstraints = CA:true __________________________________ Celebrate Yahoo!'s 10th Birthday! Yahoo! Netrospective: 100 Moments of the Web http://birthday.yahoo.com/netrospective/ ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]