Re: [Openvpn-users] expiry date CA

Fri, 31 Jan 2014 06:36:10 -0800 

Just as a note, I don't remember how openvpn considers it, but some systems
consider a certificate invalid if its issuer cert has expired, even if the
certificate itself has not.  It may be that's not the case for
openvpn/openssl, but I remember getting bitten by that once some years ago,
and figure it's best to at least keep it in mind.

-Joe


On Fri, Jan 31, 2014 at 9:02 AM, Bonno Bloksma <b.blok...@tio.nl> wrote:

> Hi,
>
> >> I want to find out when my CA expires, how do I do that. I cannot see
> >> any readable info by just looking at the ca.key or the ca.crt Which
> command will let me see that info?
> >> Which command will let me see when the client certs expire?
> >
> > openssl x509 -subject -dates -noout -in ca.crt
> [..]
> notBefore=May 16 06:04:32 2008 GMT
> notAfter=May 14 06:04:32 2018 GMT
>
> Ok, I've got a few years left. ;-)
>
> > openssl x509 -subject -dates -noout -in client-cert.crt
>
> And these are even later of course.
>
> Thanks
>
> Bonno Bloksma
>
>
>
> ------------------------------------------------------------------------------
> WatchGuard Dimension instantly turns raw network data into actionable
> security intelligence. It gives you real-time visual feedback on key
> security issues and trends.  Skip the complicated setup - simply import
> a virtual appliance and go from zero to informed in seconds.
>
> http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
> _______________________________________________
> Openvpn-users mailing list
> Openvpn-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openvpn-users
>

------------------------------------------------------------------------------
WatchGuard Dimension instantly turns raw network data into actionable 
security intelligence. It gives you real-time visual feedback on key
security issues and trends.  Skip the complicated setup - simply import
a virtual appliance and go from zero to informed in seconds.
http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Reply via email to