From: Gurucharan Shetty <gshetty@nicira.com>
Date: Mon, 15 Oct 2012 21:41:31 +0000 (-0700)
Subject: ovs-pki: Increase the validity days for self-signed certificates.
X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=93ea780907c2c4315ecc1a3e7823fcba3aba5e96;p=openvswitch

ovs-pki: Increase the validity days for self-signed certificates.

For self-signed certificates, increase validity from the default
30 days to 6 years.

Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
---

diff --git a/utilities/ovs-pki.in b/utilities/ovs-pki.in
index 2a67d538..bf40c295 100755
--- a/utilities/ovs-pki.in
+++ b/utilities/ovs-pki.in
@@ -512,7 +512,7 @@ elif test "$command" = self-sign; then
     # Create both the private key and certificate with restricted permissions.
     (umask 077 && \
      openssl x509 -in "$arg1-req.pem" -out "$arg1-cert.pem.tmp" \
-        -signkey "$arg1-privkey.pem" -req -text) 2>&3 || exit $?
+        -signkey "$arg1-privkey.pem" -req -days 2191 -text) 2>&3 || exit $?
 
     # Reset the permissions on the certificate to the user's default.
     cat "$arg1-cert.pem.tmp" > "$arg1-cert.pem"