RE: Key.pme expiration problem

2008-11-06 Thread Ajeet kumar.S 
Please check time function gtime()or gtime_r() return some time that is
going to compare certificate time before and after time. Then it will return
expire or going to expire. Please check it. 

 

Thank you.

Regards,

--Ajeet  Kumar  Singh

 

Sarve Bhavantu Sukhina ,Sarve Santu NiramayaSarve Bhadrani Pashyantu , Maa
Kaschit Dukha Bhagh Bhavet 

 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rick Knight
Sent: Thursday, November 06, 2008 12:34 AM
To: openssl-users@openssl.org
Subject: Key.pme expiration problem

Hello,

Yesterday I created a new certificate request for use with Sendmail and 
STARTTLS. I signed the request with my existing CA. This morning I'm 
getting messages from certwatch say the key and cert are expired or are 
going to expire in less than 7 days. My CA is good till December 2010, 
and the request is good untill November  2009. When I run certwatch I 
get these errors...

unable to load certificate
5143:error:0906D06C:PEM routines:PEM_read_bio:no start 
line:pem_lib.c:647:Expecting: TRUSTED CERTIFICATE
date: invalid date `+%s'
unable to load certificate
5173:error:0906D06C:PEM routines:PEM_read_bio:no start 
line:pem_lib.c:647:Expecting: TRUSTED CERTIFICATE
date: invalid date `+%s'
unable to load certificate
5203:error:0906D06C:PEM routines:PEM_read_bio:no start 
line:pem_lib.c:647:Expecting: TRUSTED CERTIFICATE
date: invalid date `+%s'
unable to load certificate
5235:error:0906D06C:PEM routines:PEM_read_bio:no start 
line:pem_lib.c:647:Expecting: TRUSTED CERTIFICATE
date: invalid date `+%s'
unable to load certificate
5260:error:0906D06C:PEM routines:PEM_read_bio:no start 
line:pem_lib.c:647:Expecting: TRUSTED CERTIFICATE
date: invalid date `+%s'

I have 5 files (3 certs and 2 keys) in /etc/mail/certs where certwatch 
is watching and they all give this error. Only 1 cert and key is from 
yesterday. The other 3 have been there for almost a year.

Is there a way to check the date on the key files to verify that they 
are expiring. Is the error above causing the problem?

Thanks,
Rick
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]

Re: Key.pme expiration problem

2008-11-06 Thread Rick Knight 

Ajeet,

Thanks for your reply, however I'm not sure I understand. I'm not a 
programmer, I'm just trying to use my certificates and keys. Can you 
give me a more newbie example of how to check the time function?


Thanks,
Rick

Ajeet kumar.S wrote:

Please check time function gtime()or gtime_r() return some time that is
going to compare certificate time before and after time. Then it will return
expire or going to expire. Please check it. 

 


Thank you.

Regards,

--Ajeet  Kumar  Singh

 


Sarve Bhavantu Sukhina ,Sarve Santu NiramayaSarve Bhadrani Pashyantu , Maa
Kaschit Dukha Bhagh Bhavet 

 


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rick Knight
Sent: Thursday, November 06, 2008 12:34 AM
To: openssl-users@openssl.org
Subject: Key.pme expiration problem

Hello,

Yesterday I created a new certificate request for use with Sendmail and 
STARTTLS. I signed the request with my existing CA. This morning I'm 
getting messages from certwatch say the key and cert are expired or are 
going to expire in less than 7 days. My CA is good till December 2010, 
and the request is good untill November  2009. When I run certwatch I 
get these errors...


unable to load certificate
5143:error:0906D06C:PEM routines:PEM_read_bio:no start 
line:pem_lib.c:647:Expecting: TRUSTED CERTIFICATE

date: invalid date `+%s'
unable to load certificate
5173:error:0906D06C:PEM routines:PEM_read_bio:no start 
line:pem_lib.c:647:Expecting: TRUSTED CERTIFICATE

date: invalid date `+%s'
unable to load certificate
5203:error:0906D06C:PEM routines:PEM_read_bio:no start 
line:pem_lib.c:647:Expecting: TRUSTED CERTIFICATE

date: invalid date `+%s'
unable to load certificate
5235:error:0906D06C:PEM routines:PEM_read_bio:no start 
line:pem_lib.c:647:Expecting: TRUSTED CERTIFICATE

date: invalid date `+%s'
unable to load certificate
5260:error:0906D06C:PEM routines:PEM_read_bio:no start 
line:pem_lib.c:647:Expecting: TRUSTED CERTIFICATE

date: invalid date `+%s'

I have 5 files (3 certs and 2 keys) in /etc/mail/certs where certwatch 
is watching and they all give this error. Only 1 cert and key is from 
yesterday. The other 3 have been there for almost a year.


Is there a way to check the date on the key files to verify that they 
are expiring. Is the error above causing the problem?


Thanks,
Rick
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]
  


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]