LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   OpenVPN CA Certificate Invalid (https://www.linuxquestions.org/questions/linux-networking-3/openvpn-ca-certificate-invalid-640674/)

fukawi2 05-07-2008 09:59 PM
OpenVPN CA Certificate Invalid
 
Hi all,

Does anyone know if a CA Certificate is GENERATED at a future date, is the certificate invalid until that date?

Ie, if I set my system date to 25th December 2010, then set my date correctly using ntp, is that certificate invalid until Christmas day 2010 or can I use it before then?

Thanks,
~p

uncle_philip 05-07-2008 10:12 PM
you don't need to change your computer date.
when create CA, you can set it for 10 years.

billymayday 05-07-2008 10:41 PM
He's refering to a start date rather than an expiry.

I don't know the answer though

fukawi2 05-07-2008 10:57 PM
Quote:
Originally Posted by billymayday (Post 3146361)
He's refering to a start date rather than an expiry.
Correct.

Quote:
Originally Posted by billymayday (Post 3146361)
I don't know the answer though
Bugger!

I'm getting "Certificate Not Yet Valid" errors even though both client and server have been sync'ed to a common NTP server (ntp.internode.on.net) but the certificate was generated on the server before the ntp sync occurred and the date was incorrectly around 10 hours ahead (approx 2000hrs tonight, instead of 0930hrs today)

billymayday 05-07-2008 11:01 PM
Sounds pretty likely as the cause


All times are GMT -5. The time now is 12:56 AM.