Revision f944f4a7
Added by Jim Pingle over 5 years ago
| src/usr/local/www/system_certmanager.php | ||
|---|---|---|
| 764 | 764 |
$pconfig['csrsign_lifetime'] ? $pconfig['csrsign_lifetime']:$default_lifetime, |
| 765 | 765 |
['max' => $max_lifetime] |
| 766 | 766 |
))->setHelp('The length of time the signed certificate will be valid, in days. %1$s' .
|
| 767 |
'Server certificates should not have a lifetime over 825 days or some platforms ' .
|
|
| 768 |
'may consider the certificate invalid.', '<br/>'); |
|
| 767 |
'Server certificates should not have a lifetime over %2$s days or some platforms ' .
|
|
| 768 |
'may consider the certificate invalid.', '<br/>', $cert_strict_values['max_server_cert_lifetime']);
|
|
| 769 | 769 |
$section->addInput(new Form_Select( |
| 770 | 770 |
'csrsign_digest_alg', |
| 771 | 771 |
'*Digest Algorithm', |
| ... | ... | |
| 882 | 882 |
$pconfig['lifetime'], |
| 883 | 883 |
['max' => $max_lifetime] |
| 884 | 884 |
))->setHelp('The length of time the signed certificate will be valid, in days. %1$s' .
|
| 885 |
'Server certificates should not have a lifetime over 825 days or some platforms ' .
|
|
| 886 |
'may consider the certificate invalid.', '<br/>'); |
|
| 885 |
'Server certificates should not have a lifetime over %2$s days or some platforms ' .
|
|
| 886 |
'may consider the certificate invalid.', '<br/>', $cert_strict_values['max_server_cert_lifetime']);
|
|
| 887 | 887 |
|
| 888 | 888 |
$section->addInput(new Form_Input( |
| 889 | 889 |
'dn_commonname', |
Also available in: Unified diff
Server cert lifetime reduced to 398. Fixes #9825
New requirements coming this fall will require new certs to be valid for at most
398 days. Setup this new requirement now, rather than waiting.
While here, reduce usage of hardcoded value where possible.