Project

General

Profile

Bug #9098

Default CRL lifetime of 9999 rolls over at 2038 on ARM

Added by Jim Pingle 3 months ago. Updated 3 months ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Certificates
Target version:
Start date:
11/05/2018
Due date:
% Done:

100%

Estimated time:
Affected Version:
All
Affected Architecture:
ARMv6

Description

The default lifetime on a CRL is 9999 days, which currently puts it expiring in 2046. On ARM, this seems to lead to a 32-bit rollover as expected in 2038 due to the size of the unix timestamp.

At a minimum we need to cut the default on ARM down to a lower value (10 years should be fine), or lower it for everyone.

Associated revisions

Revision 9aa8f6a8 (diff)
Added by Jim Pingle 3 months ago

Prevent CRL from using too large a lifetime on ARM. Fixes #9098

Revision e5e2ea27 (diff)
Added by Jim Pingle 3 months ago

Prevent CRL from using too large a lifetime on ARM. Fixes #9098

(cherry picked from commit 9aa8f6a864905c0e3738c337a51f0772b0c5eb93)

History

#1 Updated by Jim Pingle 3 months ago

  • Affected Architecture changed from All to ARMv6

CA and Certs get the correct/expected end date in the data, but the GUI doesn't show the dates. Moved that to #9100

#2 Updated by Jim Pingle 3 months ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100

#3 Updated by James Dekker 3 months ago

  • Status changed from Feedback to Resolved

Tested on 2.4.5.a.20181116.1325, works as expected.

Also available in: Atom PDF