set default_days to 3650 and tested the
Makefile:
openssl x509 -in ca.pem -noout -dates
notBefore=Sep 21 10:11:53 2008 GMT
notAfter=Sep 19 10:11:53 2018 GMT
--
View this message in context:
http://www.nabble.com/make-certificate-with-make-is-only-1-month-valid-tp19607549p19666745.html
Sent from
helps though but that's no fix just a
workaround IMHO.
Rg,
Arnaud
--
View this message in context:
http://www.nabble.com/make-certificate-with-make-is-only-1-month-valid-tp19607549p19607549.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe
sphaero wrote:
I was just wondering why the Makefile in freeradius 2.0 for creating
certificates only produces a CA which is valid for 1 month. I don't reckon
that's handy for production use.
They are test certificates. For production use you need to edit the
OpenSSL configuration files.
the
OpenSSL configuration files.
Well according to your site the instructions are for production use.
http://deployingradius.com/ link to Create certificates for production
use.
Rg,
Arnaud
--
View this message in context:
http://www.nabble.com/make-certificate-with-make-is-only-1-month-valid
://www.nabble.com/make-certificate-with-make-is-only-1-month-valid-tp19607549p19613999.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org
sphaero wrote:
Well according to your site the instructions are for production use.
And according to the email which you quoted:
Is there any particular reason? Changing the ca.cnf file doesn't
change it?
Maybe it's a bug in OpenSSL.
But you deleted that portion. By selectively
[EMAIL PROTECTED] wrote:
It's not exactly a bug in openSSL. Just weirdness:
...
It looks like default_days setting in ca.cnf is irrelevant.
i.e. OpenSSL ignores a configuration that is documented as doing
something. That sounds like a bug to me.
A few simple searches on google found other
http://marc.info/?l=openssl-usersm=110958909114203w=2
That's from 2005. They know about it. And don't care.
Ivan Kalik
Kalik Informatika ISP
Dana 22/9/2008, Alan DeKok [EMAIL PROTECTED] piše:
[EMAIL PROTECTED] wrote:
It's not exactly a bug in openSSL. Just weirdness:
It looks like
8 matches
Mail list logo