Hi Andreas, Thanks, that helps point me in the right direction. For those interested, the OS is Debian 6 (squeeze).
Thanks, Niels On 23/05/2011 9:47 PM, Andreas Steffen wrote: > Hello Niels, > > it seems that on your amd64 "time_t" is defined as a 32 bit signed > integer and not a 64 bit signed integer as should be the case on > platforms with a 64 bit OS. I remember successfully running unit tests > with dates after 2038 on my amd64 box where time_t was definitively > 64 bits. > > With 32 bits, time_t wraps around again in 2106 so that 2110 would > in fact be represented as 1974. > > Regards > > Andreas > > On 23.05.2011 14:01, Niels Peen wrote: >> While experimenting with a CA certificate due to expire in 2110 I >> noticed this works fine on some servers, but not on others. In all cases >> the Strongswan version is 4.4.1. As I did not notice any date related >> bugfixes in the Changelog I've not yet tried a newer version. >> >> On the servers where this does not work, Strongswan claims the >> certificate expires in 1974. OpenSSL correctly report 2110 on all >> servers. Also OpenVPN, which uses the same certificate, works fine on >> all servers. >> >> The failing servers happen to be amd64, whereas the one server that >> works normally is 686. I'm not sure that's related though. >> >> Has anyone else tried CA certificates with an expiry date that far in >> the future on amd64? >> >> Thanks, >> Niels > > ====================================================================== > Andreas Steffen [email protected] > strongSwan - the Linux VPN Solution! www.strongswan.org > Institute for Internet Technologies and Applications > University of Applied Sciences Rapperswil > CH-8640 Rapperswil (Switzerland) > ===========================================================[ITA-HSR]== _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
