Last month I generated a self-signed certificate like this:
openssl req -new -x509 -nodes -out example.com.crt -key example.com.key
Yesterday, a month later, things depending on this certificate started to break, and I realized it was because the certificate had expired: apparently the default expiration date is a month.
So I regenerated it, adding -days 3650 to set the expiration date 10 years into the future.
openssl req -new -x509 -days 3650 -nodes -out example.com.crt -key example.com.key
I double-checked the expiration date with:
openssl x509 -enddate -noout -in example.com.crt
And was surprised to see this returned:
notAfter=Jul 19 18:42:13 2030 GMT
Surely something must be broken, I thought: 2030 isn’t in 10 years.
Oh, right, 2030 is in 10 years.
About This Blog
I am Peter Rukavina and this is my blog. I am a writer, letterpress printer, and a curious person.
To learn more about me, read my /now, look at my bio, listen to audio I’ve posted, read presentations and speeches I’ve written, or get in touch (peter@rukavina.net is the quickest way).
You can subscribe to an RSS feed of posts, an RSS feed of comments, or a podcast RSS feed that just contains audio posts. You can also receive a daily digests of posts by email.
Comments
I love this post. So
I love this post. So eminently you!
Adorable. Was just passing by
Adorable. Was just passing by, but I want you to know, I read it and I laughed in sympathy. I had something similar, though on a scale of days being longer than a year rather than summing up to a decade. :D
Thank you for the post.
Add new comment