diff options
| author | Martin Willi <martin@revosec.ch> | 2010-05-31 13:14:36 +0200 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2010-05-31 13:15:19 +0200 |
| commit | a2cf26f1c1be7b9b141bc87c1f04c02ad0b6ed57 (patch) | |
| tree | 95f72f3bbb12220427204734e5c395623035aa69 /src | |
| parent | 70ac7c43a5f143ced4cb05bb6a94f9a483098826 (diff) | |
| download | strongswan-a2cf26f1c1be7b9b141bc87c1f04c02ad0b6ed57.tar.bz2 strongswan-a2cf26f1c1be7b9b141bc87c1f04c02ad0b6ed57.tar.xz | |
Changed default lifetime of certificates to 3 years
Diffstat (limited to 'src')
| -rw-r--r-- | src/pki/commands/issue.c | 4 | ||||
| -rw-r--r-- | src/pki/commands/self.c | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/src/pki/commands/issue.c b/src/pki/commands/issue.c index fcd758f87..1e11b84e6 100644 --- a/src/pki/commands/issue.c +++ b/src/pki/commands/issue.c @@ -37,7 +37,7 @@ static int issue() char *error = NULL; identification_t *id = NULL; linked_list_t *san, *cdps, *ocsp; - int lifetime = 1080; + int lifetime = 1095; int pathlen = X509_NO_PATH_LEN_CONSTRAINT; chunk_t serial = chunk_empty; chunk_t encoding = chunk_empty; @@ -361,7 +361,7 @@ static void __attribute__ ((constructor))reg() {"cakey", 'k', 1, "CA private key file"}, {"dn", 'd', 1, "distinguished name to include as subject"}, {"san", 'a', 1, "subjectAltName to include in certificate"}, - {"lifetime",'l', 1, "days the certificate is valid, default: 1080"}, + {"lifetime",'l', 1, "days the certificate is valid, default: 1095"}, {"serial", 's', 1, "serial number in hex, default: random"}, {"ca", 'b', 0, "include CA basicConstraint, default: no"}, {"pathlen", 'p', 1, "set path length constraint"}, diff --git a/src/pki/commands/self.c b/src/pki/commands/self.c index f0805658a..f6fb5704d 100644 --- a/src/pki/commands/self.c +++ b/src/pki/commands/self.c @@ -34,7 +34,7 @@ static int self() char *file = NULL, *dn = NULL, *hex = NULL, *error = NULL; identification_t *id = NULL; linked_list_t *san, *ocsp; - int lifetime = 1080; + int lifetime = 1095; int pathlen = X509_NO_PATH_LEN_CONSTRAINT; chunk_t serial = chunk_empty; chunk_t encoding = chunk_empty; @@ -247,7 +247,7 @@ static void __attribute__ ((constructor))reg() {"type", 't', 1, "type of input key, default: rsa"}, {"dn", 'd', 1, "subject and issuer distinguished name"}, {"san", 'a', 1, "subjectAltName to include in certificate"}, - {"lifetime",'l', 1, "days the certificate is valid, default: 1080"}, + {"lifetime",'l', 1, "days the certificate is valid, default: 1095"}, {"serial", 's', 1, "serial number in hex, default: random"}, {"ca", 'b', 0, "include CA basicConstraint, default: no"}, {"pathlen", 'p', 1, "set path length constraint"}, |