Re: newbie: set cert time validity

2007-07-12 Thread Jim Fox
On Jul 12, 2007, at 9:29 PM, imin macho wrote:
> hi... i'm a noob in openssl.. my employee asked me to edit our c++ cert issuer engine developed using openssl. currently the cert generated will be valid based on the time we generate it. for example, if i generate a cert at 13 july 2007 1:3

Re: newbie: set cert time validity

2007-07-13 Thread imin macho
thanks a lot for answering my question.. but is this the only way? it seems a bit overwhelming for me.. isn't there any other way? like any function we can call? thanks
On 7/13/07, Jim Fox <[EMAIL PROTECTED]> wrote:
On Jul 12, 2007, at 9:29 PM, imin macho wrote:
> hi...
>
> i'm a noob in ope

RE: newbie: set cert time validity

2007-07-13 Thread David Schwartz
> thanks a lot for answering my question.. but is this the only way?
> it seems a bit overwhelming for me.. isn't there any other way?
> like any function we can call?
Rather than risking you screwing up security-critical code, why don't you paste the part of the code that sets the validity and

Re: newbie: set cert time validity

2007-07-15 Thread imin macho
Thanks a lot for trying to help me. here's the snippet of the code: the function that calls IssueCertificate has this line in them: cinfo.begin_validity = day_start; cinfo.validity = day_end; both day_start and day_end are int variables. then they are passed to the IssueCertificate function as

RE: newbie: set cert time validity

2007-07-16 Thread David Schwartz
This function rounds an ASN1_UTCTIME up to the end of the day it belongs to. You need to call this function on an ASN1_UTCTIME before you set it as the 'not valid after' date:
void X509_gmtime_roundup(ASN1_UTCTIME *s)
{
    /* Rounds an ASN1_UTCTIME up to the end of the current day */
    char buf[32];

Re: newbie: set cert time validity

2007-07-16 Thread imin macho
Thanks a lot for your help, David Schwartz! I haven't got it correctly yet, but with your help I could see I'm moving somewhere here. I added the X509_gmtime_roundup(X509_get_notAfter(x)); at my renewCertificate function. When I renewed the cert valid to for example, to 31/7/2007, the cert valid

RE: newbie: set cert time validity

2007-07-16 Thread David Schwartz
> I added the X509_gmtime_roundup(X509_get_notAfter(x)); at my renewCertificate function. When I renewed the cert valid to for example, to 31/7/2007, the cert valid to will be strangely changed to '1/8/2007 7:59:59'. May I know which part should I alter here?
There is nothing to change, as it

Re: newbie: set cert time validity

2007-07-16 Thread imin macho
I see... does this mean I can't make it to expire at 23:59:59 for the particular day? This is the UTC/GMT time for which area...? hmm.. actly i'm still confused... anyway it's ok then if I can't make it that way. Is there any way I can convince my boss that (besides sending him a copy of this ema

Re: newbie: set cert time validity

2007-07-16 Thread imin macho
hold on! thanks a lot I managed to get it to 23:59:59. all i had to do was change the value strcpy(buf+6, "235959Z"); to strcpy(buf+6, "155959Z"); thanks again, David Schwartz! You're a great help!!
On 7/16/07, David Schwartz <[EMAIL PROTECTED]> wrote:
> I added the X509_

Re: newbie: set cert time validity

2007-07-16 Thread imin macho
erm... but there's still one problem. where in IssueCertificate should I add the line X509_gmtime_roundup(X509_get_notAfter(x)); ? because currently the line is only added in renewCertificate... as I can't see where in IssueCertificate can I add those lines.. thanks again
On 7/16/07, David Schwar

RE: newbie: set cert time validity

2007-07-16 Thread David Schwartz
> hold on! thanks a lot I managed to get it to 23:59:59. all i had to do was change the value strcpy(buf+6, "235959Z"); to strcpy(buf+6, "155959Z");
I would not do that. There is no way you can know that 15:59:59 will correspond to 24:59:59 in the future when the certificate expires. You ar

Re: newbie: set cert time validity

2007-07-16 Thread imin noob
thanks a lot for your lengthy explanation, David Schwartz. I really appreciate it for you to help me explain all this. I noted you said that what I did might be sensible if three things are the case: 1) The locale you are using the certificate has no daylight savings time. 2) The certificate isn't

RE: newbie: set cert time validity

2007-07-16 Thread David Schwartz
> thanks a lot for your lengthy explanation, David Schwartz. I really appreciate it for you to help me explain all this. I noted you said that what I did might be sensible if three things are the case: 1) The locale you are using the certificate has no daylight savings time. 2) The certifica

Re: newbie: set cert time validity

2007-07-17 Thread imin noob
No wonder I couldn't find the MakeCertificate function, it actually resides in an external library. I'll try to do anything I could to make sure it works as needed.. However, thank you very much for your help David Schwartz.. if you were in java.sun.com forum I'd surely have given you at least

RE: newbie: set cert time validity

2007-07-17 Thread David Schwartz
> No wonder I couldn't find the MakeCertificate function, it actually resides in an external library. I'll try to do anything I could to make sure it works as needed.. However, thank you very much for your help David Schwartz.. if you were in java.sun.com forum I'd surely have given you at