Ian jonhson wrote: > Thank you for your answering. > >> I think you've misunderstood what SSL_CTX_get_timeout() does. This >> timeout is the SSL session timeout which lets you decide how long an SSL >> session can stay in cache before it becomes non-resumable. The openssl >> manual pages have sufficient info. >> > > According to your words, then which function should I take to get or > set the expire time of exist certificate? X509_gmtime_adj() ? >
Is X509_get_notAfter() what you're looking for? In practice you cannot change the expiry date of an existing certificate because the certificate is signed by a CA at the time of issuing (when the date is decided). -jb -- Tact is the art of making a point without making an enemy. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]