hx509_ca_tbs_set_notAfter_lifetime expects the lifetime value in
in seconds. The Windows 7 client didn't seem to care that the lifetime
was only 6'03''. Two other TODOs in this implementation:
* Since notBefore is not set explicietely to "now", the heimdal code
default of now-(24 hours) is applied.
* Server side validity checks and cert renewal are missing.
Signed-off-by: Arvid Requate <requate@univention.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
char *secret_name;
struct bkrp_exported_RSA_key_pair keypair;
enum ndr_err_code ndr_err;
- uint32_t nb_days_validity = 365;
+ uint32_t nb_days_validity = 3600 * 24 * 365;
DEBUG(6, ("Trying to generate a certificate\n"));
hx509_context_init(&hctx);