Red Hat Bugzilla – Bug 131045
The genkey program only generates certs good for 30 days
Last modified: 2007-11-30 17:07:03 EST
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4.1) Gecko/20031114 Description of problem: When using the genkey program to generate a self signed it is only good for 30 days. In looking at the script it is nor possible to change this short of editing the script by hand. What good is a 30 day ssl cert. IMO the certs should be good for at least a year or better yet I should be able to specify the length myself. Version-Release number of selected component (if applicable): crypto-utils-2.0-4 How reproducible: Always Steps to Reproduce: 1.Run genkey program and generate an ssl key Actual Results: I got an ssl cert that was only good for 30 days Expected Results: I expected it to be good for at least a year, or better yet I should be able to specify it on the command line. Additional info:
Adding a --days flag for this would be reasonable. The point of genkey is really for CSR generation, where a self-signed cert is a temporary stop-gap until you receive the real CA-signed cert back.