user1164061
Reputation: 4352
why is my certificate expiring so soon?
I created a keystore for Artifactory as follows:
openssl genrsa -des3 -out jetty.key
openssl req -new -x509 -key jetty.key -out jetty.crt
keytool -keystore keystore -import -alias jetty -file jetty.crt -trustcacerts
openssl req -new -key jetty.key -out jetty.csr
openssl pkcs12 -inkey jetty.key -in jetty.crt -export -out jetty.pkcs12
keytool -importkeystore -srckeystore jetty.pkcs12 -srcstoretype PKCS12 -destkeystore keystore
I just created it this week but am already getting a warning that the certificate is expiring soon.
"WARNING - Certificate expires in 26 day(s) ".
why is it expiring so soon and how can I extend the expiry date?
Any help is appreciated.
Thanks
Upvotes: 0
Views: 162
Answers (1)
Phillip
Reputation: 13668
Try adding -days 360 to the openssl req command. From the manual:
-days n
when the -x509 option is being used this specifies the number of
days to certify the certificate for. The default is 30 days.
You can also use keytool directly without openssl. The according parameter is named -validity there.
Upvotes: 2
Related Questions
- X509 client-certificate not found in Jetty 11
- Why do I get a SSL Expired error for certificates that are still valid?
- How to configure SSL in Jetty with CA signed certificate properly?
- Configuring SSL on Jetty
- New Certificate - PKIX path building failed
- Configuring SSL with Jetty 9
- Jetty sends different SSL certificate than what's configured in keystore
- SSL certificate expired the same day of creation
- Importing a certificate into Jetty
- Logging a Jetty SSL Client Certificate Issue