Expiration #343
Comments
|
Lines 59 to 62 in 0a3190b expiration period is hardcoded here, and the comment tells the reason of the value. |
|
if this is a feature request, maybe duplicate of #339. |
|
maybe expose this as an option and if a user exceeds the macos maximum expiration date, log a warning? Also, I'll be honest I am new to certificates, but I think that a cert generated on linux or windows is not valid on mac, and vice versa because it is tied to a root cert that is specific to that OS. So if we detect what OS the cert is being generated for, we could avoid even logging that error for non-macs. The big use case for me is distributing a localhost web app as a linux package. The certificate doesn't ever need to expire in that case, and it would be frustrating for users to see an error in their app that their cert expired 2 years later |
|
@andykais Certificates are platform/ OS neutral AFAIK. It is the way we install certificate to the OS certificate store differ between OS. |
|
Follow-up question on this - is there any way to detect an expired certificate? So I can create + trust a new one? |
The hard-coded default of 2 years, 3 months works for most applications. However, some applications enforce that the certificate is only valid for a short period and this default is too long. For example, WebRTC fingerprinting enforces a max duration of 30 days. WebTransport is even more extreme and requests certs valid for more than 14 days. These certificates are meant to be ephemeral. Fixes FiloSottile#339 FiloSottile#343
The hard-coded default of 2 years, 3 months works for most applications. However, some applications enforce that the certificate is only valid for a short period and this default is too long. For example, WebRTC fingerprinting enforces a max duration of 30 days. WebTransport is even more extreme and requests certs valid for more than 14 days. These certificates are meant to be ephemeral. Fixes FiloSottile#339 FiloSottile#343
The hard-coded default of 2 years, 3 months works for most applications. However, some applications enforce that the certificate is only valid for a short period and this default is too long. For example, WebRTC fingerprinting enforces a max duration of 30 days. WebTransport is even more extreme and rejects certs valid for more than 14 days. These certificates are meant to be ephemeral. Fixes FiloSottile#339 FiloSottile#343
The hard-coded default of 2 years, 3 months works for most applications. However, some applications enforce that the certificate is only valid for a short period and this default is too long. For example, WebRTC fingerprinting enforces a max duration of 30 days. WebTransport is even more extreme and rejects certs valid for more than 14 days. These certificates are meant to be ephemeral. Fixes FiloSottile#339 FiloSottile#343
Do it is possible to set custom expiration date?
The text was updated successfully, but these errors were encountered: