From: Martin Willi <martin@revosec.ch>
Date: Mon, 31 May 2010 11:14:36 +0000 (+0200)
Subject: Changed default lifetime of certificates to 3 years
X-Git-Tag: 4.4.1~201
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a2cf26f1c1be7b9b141bc87c1f04c02ad0b6ed57;p=thirdparty%2Fstrongswan.git

Changed default lifetime of certificates to 3 years
---

diff --git a/src/pki/commands/issue.c b/src/pki/commands/issue.c
index fcd758f879..1e11b84e65 100644
--- a/src/pki/commands/issue.c
+++ b/src/pki/commands/issue.c
@@ -37,7 +37,7 @@ static int issue()
 	char *error = NULL;
 	identification_t *id = NULL;
 	linked_list_t *san, *cdps, *ocsp;
-	int lifetime = 1080;
+	int lifetime = 1095;
 	int pathlen = X509_NO_PATH_LEN_CONSTRAINT;
 	chunk_t serial = chunk_empty;
 	chunk_t encoding = chunk_empty;
@@ -361,7 +361,7 @@ static void __attribute__ ((constructor))reg()
 			{"cakey",	'k', 1, "CA private key file"},
 			{"dn",		'd', 1, "distinguished name to include as subject"},
 			{"san",		'a', 1, "subjectAltName to include in certificate"},
-			{"lifetime",'l', 1, "days the certificate is valid, default: 1080"},
+			{"lifetime",'l', 1, "days the certificate is valid, default: 1095"},
 			{"serial",	's', 1, "serial number in hex, default: random"},
 			{"ca",		'b', 0, "include CA basicConstraint, default: no"},
 			{"pathlen",	'p', 1, "set path length constraint"},
diff --git a/src/pki/commands/self.c b/src/pki/commands/self.c
index f0805658ac..f6fb5704d9 100644
--- a/src/pki/commands/self.c
+++ b/src/pki/commands/self.c
@@ -34,7 +34,7 @@ static int self()
 	char *file = NULL, *dn = NULL, *hex = NULL, *error = NULL;
 	identification_t *id = NULL;
 	linked_list_t *san, *ocsp;
-	int lifetime = 1080;
+	int lifetime = 1095;
 	int pathlen = X509_NO_PATH_LEN_CONSTRAINT;
 	chunk_t serial = chunk_empty;
 	chunk_t encoding = chunk_empty;
@@ -247,7 +247,7 @@ static void __attribute__ ((constructor))reg()
 			{"type",	't', 1, "type of input key, default: rsa"},
 			{"dn",		'd', 1, "subject and issuer distinguished name"},
 			{"san",		'a', 1, "subjectAltName to include in certificate"},
-			{"lifetime",'l', 1, "days the certificate is valid, default: 1080"},
+			{"lifetime",'l', 1, "days the certificate is valid, default: 1095"},
 			{"serial",	's', 1, "serial number in hex, default: random"},
 			{"ca",		'b', 0, "include CA basicConstraint, default: no"},
 			{"pathlen",	'p', 1, "set path length constraint"},