Thanks for the heads up. That seems to be my exact issue. when reading the bug description I can't tell if it's a cosmetic error or will it affect function ?
Will it still consider it valid if its expired ? It would think not, as that's the whole point to have an expiration date on a cert right ? My customer has been distributing this cert across their organization since October. I don't think they are going to change it. Uggg From: Joe Martini [mailto:[email protected]] Sent: Thursday, December 04, 2014 12:11 PM To: Jeremy Bresley; [email protected]; Josh Warcop Cc: [email protected] Subject: Re: [cisco-voip] VCS 8.2 won't accept Trusted CA Cert with expiration date of 40 years from now - shows it as expired Dec 31, 1969 Brian, Looks like this https://tools.cisco.com/bugsearch/bug/CSCup81787 and there is a fix in the next version. Joe On Dec 4, 2014, at 12:28 PM, Jeremy Bresley <[email protected] <mailto:[email protected]> > wrote: On 12/4/2014 9:58 AM, Brian V wrote: Customer provided me their root CA and intermediate CA (internal) to load on the VCS-C The intermediate cert (expires in 20 yr) is loaded fine, when loading the root cert (expires in 40 yr) it says its already expired in 1969 ! Is there a limit on the length of a Cert or perhaps just a bug in code ? Anyone run into this before ? This is the longest I've seen someone sign a cert for. Is this common to use such a long duration ? I have a TAC case open, still waiting to be contacted by them. First thought would be 32-bit UNIX time wrapping in 2038. Pretty sure that VCS is based on Linux. The 20 year cert would be within that range, the 40 year one wouldn't be. I'd be curious if both of them being 20 years resolves it. And I chuckled when I read it, we're going through headaches with certs and renewals/replacements right now, and I really wish I could do 40 years on them so I would be long gone before they expired and had to be replaced again. ;-) Jeremy "TheBrez" Bresley [email protected] <mailto:[email protected]> _______________________________________________ cisco-voip mailing list [email protected] <mailto:[email protected]> https://puck.nether.net/mailman/listinfo/cisco-voip
_______________________________________________ cisco-voip mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-voip
