Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
[dev.icinga.com #10266] "Not after" value overflows in X509 certificates on RHEL5 #3466
This issue has been migrated from Redmine: https://dev.icinga.com/issues/10266
Created by mfriedrich on 2015-10-02 09:41:28 +00:00
We should just lower the default expiration date from 30y to a more sane value.
2015-10-02 10:11:21 +00:00 by mfriedrich f0a5a0c
2015-10-13 10:20:57 +00:00 by mfriedrich 72c19fe
Updated by mfriedrich on 2015-10-02 10:12:51 +00:00
Hm, apparently it only affects the git master, not 2.3.10 and also not only 32bit centos5, also x64.
And it seems, only certificates generated with new-cert, but not the ones coming from 'api setup'. strange.
Updated by mfriedrich on 2015-10-02 15:15:33 +00:00
No idea which change introduced the overflow, but apparently I read an article where setting the expiration that long isn't a good idea either. Lowering the value to 15y solves the issue.