Hello. I am posting this message again. Can someone
help me over this. I am trying to create certificate
using req command as follows,
1) First generated the cert request,
openssl req -newkey rsa:1024 -config openssl.cnf
-out xyz_careq.pem
2) Then generated the certificate as follows,
openssl x509 -req -in xyz_careq.pem -extfile
openssl.cnf -extensions req_extensions -signkey
privatekey.pem -out xyz_cert.pem
3)When I see the expiry dates it shows as follows,
openssl x509 -subject -issuer -dates -noout -in
xyz_cert.pem
subject= /C=US/O=XYZ/OU=XYZ Engineering Certification
Authority/ST=KANSAS/L=Wichita/CN=XYZ Engineering
CA/[EMAIL PROTECTED]
issuer= /C=US/O=XYZ/OU=XYZ Engineering Certification
Authority/ST=KANSAS/L=Wichita/CN=XYZ Engineering
CA/Email=-
notBefore=Feb 28 14:21:54 2005 GMT
notAfter=Mar 30 14:21:54 2005 GMT
Why is this happening? The certificate is
generated fine with the x509 and -days 365 option. Can
someone help me on this.
Sanjay Acharya
Wichita State University
---THE openssl.cnf FILE---
RANDFILE= $ENV::HOME/project/.rnd
[ ca ]
default_ca = my_ca_default
[ my_ca_default ]
dir = $ENV::HOME/project
certs = $dir/certs
crl_dir = $dir/crl
database= $dir/index.txt
new_certs_dir = $dir/newcerts
certificate = $dir/cacert.pem
serial = $dir/serial
crl = $dir/crl.pem
private_key = $dir/private/cakey.pem
RANDFILE= $dir/private/.rand
default_days= 365
default_crl_days = 1
default_md = sha1
x509_extensions = usr_cert
policy = my_policy
[ my_policy ]
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = supplied
commonName = supplied
emailAddress= supplied
[ usr_cert ]
basicConstraints=CA:false
[ req ]
default_bits= 2048
default_md = sha1
default_keyfile = privatekey.pem
prompt = no
distinguished_name = req_distinguished_name
x509_extensions = req_extensions
[ req_distinguished_name ]
countryName = US
organizationName = XYZ
organizationalUnitName = XYZ Engineering Certification
Authority
stateOrProvinceName = KANSAS
localityName= Wichita
commonName = XYZ Engineering CA
emailAddress= ---
[ req_extensions ]
basicConstraints = CA:true
__
Celebrate Yahoo!'s 10th Birthday!
Yahoo! Netrospective: 100 Moments of the Web
http://birthday.yahoo.com/netrospective/
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]