> > Is X509_get_notAfter() what you're looking for? > > In practice you cannot change the expiry date of an existing certificate > because the certificate is signed by a CA at the time of issuing (when > the date is decided). >
Yes, I see. But I can revoke the certificate and reissue a new certificate after resetting its lifetime. I just want to get the expiry time from existing certificate. I will study the X509_get_notAfter() and take a test. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
