Re: make certificate with make is only 1 month valid

2008-09-25 Thread sphaero
set default_days to 3650 and tested the Makefile: openssl x509 -in ca.pem -noout -dates notBefore=Sep 21 10:11:53 2008 GMT notAfter=Sep 19 10:11:53 2018 GMT -- View this message in context: http://www.nabble.com/make-certificate-with-make-is-only-1-month-valid-tp19607549p19666745.html Sent from

make certificate with make is only 1 month valid

2008-09-22 Thread sphaero
helps though but that's no fix just a workaround IMHO. Rg, Arnaud -- View this message in context: http://www.nabble.com/make-certificate-with-make-is-only-1-month-valid-tp19607549p19607549.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe

Re: make certificate with make is only 1 month valid

2008-09-22 Thread Alan DeKok
sphaero wrote: I was just wondering why the Makefile in freeradius 2.0 for creating certificates only produces a CA which is valid for 1 month. I don't reckon that's handy for production use. They are test certificates. For production use you need to edit the OpenSSL configuration files.

Re: make certificate with make is only 1 month valid

2008-09-22 Thread sphaero
the OpenSSL configuration files. Well according to your site the instructions are for production use. http://deployingradius.com/ link to Create certificates for production use. Rg, Arnaud -- View this message in context: http://www.nabble.com/make-certificate-with-make-is-only-1-month-valid

Re: make certificate with make is only 1 month valid

2008-09-22 Thread tnt
://www.nabble.com/make-certificate-with-make-is-only-1-month-valid-tp19607549p19613999.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org

Re: make certificate with make is only 1 month valid

2008-09-22 Thread Alan DeKok
sphaero wrote: Well according to your site the instructions are for production use. And according to the email which you quoted: Is there any particular reason? Changing the ca.cnf file doesn't change it? Maybe it's a bug in OpenSSL. But you deleted that portion. By selectively

Re: make certificate with make is only 1 month valid

2008-09-22 Thread Alan DeKok
[EMAIL PROTECTED] wrote: It's not exactly a bug in openSSL. Just weirdness: ... It looks like default_days setting in ca.cnf is irrelevant. i.e. OpenSSL ignores a configuration that is documented as doing something. That sounds like a bug to me. A few simple searches on google found other

Re: make certificate with make is only 1 month valid

2008-09-22 Thread tnt
http://marc.info/?l=openssl-usersm=110958909114203w=2 That's from 2005. They know about it. And don't care. Ivan Kalik Kalik Informatika ISP Dana 22/9/2008, Alan DeKok [EMAIL PROTECTED] piše: [EMAIL PROTECTED] wrote: It's not exactly a bug in openSSL. Just weirdness: It looks like