-
-
Notifications
You must be signed in to change notification settings - Fork 9.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update doc/ca.pod to clarify description for dates #3895
Conversation
doc/man1/ca.pod
Outdated
|
||
Based on RFC 5280, since OpenSSL 1.1.1, the certificate validity period | ||
(specified by any of B<-startdate>, B<-enddate> and B<-days>) will be | ||
enconded as UTCTime if the dates are earlier than 2049 (included), and as |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
enconded ? ;)
than (year) 2049 ...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Errr...
f8c8c7f
to
db4b03c
Compare
commit updated. @FdaSilvaYY |
Ping @openssl |
doc/man1/ca.pod
Outdated
date is YYMMDDHHMMSSZ (the same as an ASN1 UTCTime structure). | ||
date is YYMMDDHHMMSSZ (the same as an ASN1 UTCTime structure), or | ||
YYYYMMDDHHMMSSZ (the same as an ASN1 GeneralizedTime structure). In | ||
both formats, seconds SS and timzone Z must be presented. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think s/presented/present/ is better.
doc/man1/ca.pod
Outdated
date is YYMMDDHHMMSSZ (the same as an ASN1 UTCTime structure). | ||
date is YYMMDDHHMMSSZ (the same as an ASN1 UTCTime structure), or | ||
YYYYMMDDHHMMSSZ (the same as an ASN1 GeneralizedTime structure). In | ||
both formats, seconds SS and timzone Z must be presented. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(ditto)
updated: change 'presented' to 'present' |
Let'e ping @openssl for an OMC approval. |
doc/man1/ca.pod
Outdated
@@ -701,6 +705,13 @@ For example if the CA certificate has: | |||
|
|||
then even if a certificate is issued with CA:TRUE it will not be valid. | |||
|
|||
=head1 NOTE | |||
|
|||
Based on RFC 5280, since OpenSSL 1.1.1, the certificate validity period |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Call this HISTORY and start it as "Since OpenSSL version 1.1.1, the program follows RFC 5280 and ...."
updated based on @richsalz 's comments. |
"Note" part is based on PR openssl#3566
Delete 'version' to follow #3938 |
looks like this could be merged now... |
thank you! |
"Note" part is based on PR #3566
Checklist