From 72aa493e2fb881d873c82d31bc4b585dd608db48 Mon Sep 17 00:00:00 2001 From: Ben Pfaff Date: Wed, 16 Sep 2009 14:09:29 -0700 Subject: [PATCH] ovs-pki: Extend validity of generated CA certificates from 3 to 6 years. Dan requested this change to make it less likely that a user encounter a CA certificate expiring. For the "citrix" branch instead of "master" in case a customer upgrades (without generating new CA certificates) away from the beta. CC: Dan Wendlandt --- utilities/ovs-pki.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utilities/ovs-pki.in b/utilities/ovs-pki.in index 22b5f2a0..39d5782e 100755 --- a/utilities/ovs-pki.in +++ b/utilities/ovs-pki.in @@ -271,7 +271,7 @@ EOF -newkey $newkey -keyout private/cakey.pem -out careq.pem \ 1>&3 2>&3 openssl ca -config ca.cnf -create_serial -out cacert.pem \ - -days 1095 -batch -keyfile private/cakey.pem -selfsign \ + -days 2191 -batch -keyfile private/cakey.pem -selfsign \ -infiles careq.pem 1>&3 2>&3 chmod 0700 private/cakey.pem -- 2.30.2