> Hi Everyone, > > My problem is with Windows 200x generated certificates. The Windows > servers are set to local time, but when I import or use these > certificates within OpenSSL they appear to be set to GMT time. The > certificate's validity is not valid between the offset of GMT to the > localtime of the Linux machine. > > Does OpenSSL know how to use the localtime to verify certificates, or > does it always use GMT?
Certificates *always* use GMT. If certificates contained local time, you'd have to know what time zone they were created in to know when they were valid, which would create all kinds of ugliness. If your certificate contain in them the local time they are valid, they are erroneous. Make sure the error is in the certificate and not in the viewing tool (that may convert them to local time for display convenience or think they are in local time). Windows servers should be set to local time, but they should also know their correct timezone so that they can generate GMT for those things that require them. DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
