Good point. Actually we are looking to use 2105 as the expiration date. May you please confirm if I can generate a certificate using GeneralizedTime format using OpenSSL toolkit? I will check into our system libraries.
Thanks/Nestor On 12/13/06, Dr. Stephen Henson <[EMAIL PROTECTED]> wrote:
On Wed, Dec 13, 2006, Nestor Volpe wrote: > I have OpenSSL toolkit v0.9.8a and I am needing to generate a Server > certificate using GeneralizedTime for the "notBefore" and "notAfter" dates. > Is it doable with the toolkit or does it support UTCTime only? Please > advise! > OpenSSL obeys the standards which require the use of UTCTime for dates before 2050. If you want GeneralizedTime then it needs a date after then *but* this may cause problems with system time libraries overflowing and producing unpredictable results. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
