-
-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Expiration #343
Comments
Lines 59 to 62 in 0a3190b
expiration period is hardcoded here, and the comment tells the reason of the value. |
if this is a feature request, maybe duplicate of #339. |
maybe expose this as an option and if a user exceeds the macos maximum expiration date, log a warning? Also, I'll be honest I am new to certificates, but I think that a cert generated on linux or windows is not valid on mac, and vice versa because it is tied to a root cert that is specific to that OS. So if we detect what OS the cert is being generated for, we could avoid even logging that error for non-macs. The big use case for me is distributing a localhost web app as a linux package. The certificate doesn't ever need to expire in that case, and it would be frustrating for users to see an error in their app that their cert expired 2 years later |
@andykais Certificates are platform/ OS neutral AFAIK. It is the way we install certificate to the OS certificate store differ between OS. |
Follow-up question on this - is there any way to detect an expired certificate? So I can create + trust a new one? |
The hard-coded default of 2 years, 3 months works for most applications. However, some applications enforce that the certificate is only valid for a short period and this default is too long. For example, WebRTC fingerprinting enforces a max duration of 30 days. WebTransport is even more extreme and requests certs valid for more than 14 days. These certificates are meant to be ephemeral. Fixes FiloSottile#339 FiloSottile#343
The hard-coded default of 2 years, 3 months works for most applications. However, some applications enforce that the certificate is only valid for a short period and this default is too long. For example, WebRTC fingerprinting enforces a max duration of 30 days. WebTransport is even more extreme and requests certs valid for more than 14 days. These certificates are meant to be ephemeral. Fixes FiloSottile#339 FiloSottile#343
The hard-coded default of 2 years, 3 months works for most applications. However, some applications enforce that the certificate is only valid for a short period and this default is too long. For example, WebRTC fingerprinting enforces a max duration of 30 days. WebTransport is even more extreme and rejects certs valid for more than 14 days. These certificates are meant to be ephemeral. Fixes FiloSottile#339 FiloSottile#343
The hard-coded default of 2 years, 3 months works for most applications. However, some applications enforce that the certificate is only valid for a short period and this default is too long. For example, WebRTC fingerprinting enforces a max duration of 30 days. WebTransport is even more extreme and rejects certs valid for more than 14 days. These certificates are meant to be ephemeral. Fixes FiloSottile#339 FiloSottile#343
Do it is possible to set custom expiration date?
The text was updated successfully, but these errors were encountered: