Does anyone know how difficult it would be to add support for the 'never expire' timestamp of '99991231235959Z'.
I'm using embedded certificates that never expire and need to create CA and sub-CA certificates that match.
I'm quite keen to use EJBCA in the project, but really need to build in this change first.
Did you try to just set the epire date to 9999 in the certificate profile/create CA form?
You sure you need more than say 100 years validty?
The particular devices that I am supporting are intended to be in the field for more than 25 years. As such the 'notAfter' year will exceed 2038. This really requires that I use the GeneralizedTime value of 99991231235959Z, as in RFC5280.
hi, that sounds pretty cool. I dont think it would be very hard. everything takes a little time though. should be easy.
I had a few certificates that I imported into EJBCA with the notAfter date set to 99991231235959Z. However, EJBCA displays a 2038 expiry date rather than 1/1/10000 (I should add that I'm UTC+10 here).
A bit too busy now to look into details of it, but I created an issue for it in the tracker.
Thanks for that Tomas, it's very much appreciated.
Sign up for the SourceForge newsletter:
You seem to have CSS turned off.
Please don't fill out this field.