Re: [PLUG] openssl certificate with start and end date

brent saner via plug on 14 Jul 2023 12:42:57 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] openssl certificate with start and end date

From: brent saner via plug <plug@lists.phillylinux.org>
To: PLUG -- Philly Linux Users Group <plug@lists.phillylinux.org>
Subject: Re: [PLUG] openssl certificate with start and end date
Date: Fri, 14 Jul 2023 15:42:42 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1689363773; x=1689968573; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=2/d+4m5Rxo8Q2WQ/BL5g2zQotDroTeK5bY8m+ctu6A4=; b=mCBdeGwmaUxCT90svhuANhbEaqqhDwDOtok1qYZo3Pn8URh33r8fj1VpfeHUT5/DeK pfhrX7OX4Prkr8AG357wV/mw5PKEZZ1EraRGYtCnWFEPK65fBcN2Am6xt/bur4AOZrgH fPAMiwvuysWnKvWTF+HvYHReb/mF8Xbkh4+jEfvItvIIRpVoArMkdTvL1EE3RwQN4/w7 BzWHKIPzr4n2FtRHjWR1WiPMRYhvd8eTCtExgdpJZ9tke/yQa+BnhRGSsRM4Iuoqgj51 o3d9IsgyHN9Pi3uyF3QG0JihbJGw92Ff5c3cK3WrcXTqubbeyZ+Gc9dBC+NdsMWY9m7k xR3g==
Reply-to: brent saner <brent.saner@gmail.com>
Sender: "plug" <plug-bounces@lists.phillylinux.org>

On Fri, Jul 14, 2023 at 2:51 PM Rita via plug <plug@lists.phillylinux.org> wrote:

(SNIP)
Is it possible?

Of course it's possible; it's part of the X.509 spec.

Specifically, the notBefore and notAfter ASN.1 properties.

Now, creating a certificate via the openssl program is a different matter. One-off-creating certs like that don't let you do anywhere close to 1/8 of what you can do for X.509 certificates.

For this particular request, however, you'll need to use the -startdate and -enddate arguments of openssl ca, not openssl x509.

If you do a lot of certificate generation, though, I'd recommend turning up HashiCorp Vault. Their PKI support is great.

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

References:
- [PLUG] openssl certificate with start and end date
  - From: Rita via plug <plug@lists.phillylinux.org>

Prev by Date: [PLUG] openssl certificate with start and end date
Next by Date: Re: [PLUG] how to divide up a filesystem?
Previous by thread: [PLUG] openssl certificate with start and end date
Next by thread: Re: [PLUG] Linux equivalent of a Windows SID
Index(es):
- Date
- Thread