Reputation: 45
SSL certificate expired the same day of creation
I've created an SSL certificate for WAMP. The certificate is well-created, but in the browser it shows me that the certificate has expired!
This is what I've done :
openssl req -new -x509 -nodes -sha1 -key private.key
-out certificat.crt -days 36500
-config C:\wamp\bin\apache\apache2.2.21\conf\openssl.cnf
I've specified 36500 days, but it shows me in the certificate information:
valid From : 15/09/2013 to : 16/07/1977
I created it yesterday; I don't know where problem is.
Upvotes: 1
Views: 4618
Answers (2)
Reputation: 19918
Days property in openssl is limited to max positive value 11499.
Values bigger go negative and Certificate Verification is therefore considered "Expired".
Upvotes: 4
Reputation: 120456
Looks like the maximum is probably lower. According to this (a little old, but perhaps still relevant), the days get converted to seconds (60 * 60 * 24 * 36500 = 3153600000 seconds), but the value's stored in a long (with a maximum value of 2147483647), so it overflows and gives you the bunk date.
The post above (verified with a little math) suggests the maximum would be around 24854 days.
Upvotes: 3
Related Questions
- SSL certificate problem: certificate has expire in macOS
- SSL Certificate expires while connected
- java.security.cert.CertificateNotYetValidException even after the "valid from" Date
- You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry
- Openssl telling certificate has expired when it has not
- Why do I get a SSL Expired error for certificates that are still valid?
- Expired SSL Certificate and Encryption
- SSL CRL Expired Issue
- Renewal expired SSL certificate not being loaded Nginx
- SSL Certificate Issue