12-18-2011 10:42 PM
I'm configuring up a stingray for customer and I'm about to do a CSR for them through the stingray interface. However, when creating a self-signed cert, it only gives me the option of 1day, 1month, 1year or 10years.
The customer wishes to do a 3year CSR. Is this possible somehow, or do I have to resort to keytool? This would not be ideal.
Solved! Go to Solution.
04-16-2012 04:22 AM
CSRs don't contain an expiry time. The certificate authority used the data in the CSR to create the certificate, and it's up to them to decide how long the certiicate they create should be valid for.
If you create your own self-signed certificate, you can select the expiry time. The UI allows you to specify an expiry time of 1 day, 1 month, 1 year or 1 decade.
The expiry time for self-signed certificates is not particularly significant (the cert is self-signed, so the duration of the signature's validity is meaningless) but it's useful for testing. If you need to fine-tune the duration, there are plenty of tools that can generate a self-signed cert; Stingray ships with $ZEUSHOME/admin/bin/cert for example.