Menu
Using the openssl req tool, is it possible to explicitly specify the start and end dates on the certificate (eg, like the -startdate and -enddate options to openssl ca)?
I would like to create a certificate which is valid between a date in the past and a date in the future.
397
openssl req creates a certificate request (CSR), not a certificate. It's up to the CA to decide the notBefore and notAfter dates (like any other attributes it's willing to issue) when it creates the certificate. The CSR format (PKCS#10) doesn't have any fields to put these dates.
Of course, if it's for a self-signed certificate, you can issue the certificate from your own CSR with the dates you want, using openssl ca (or by changing the configuration in the OpenSSL configuration file).
79
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
