#2304 Certificate validity delay
Closed: Fixed None Opened 7 years ago by edewata.

Most certificate profiles are configured with startTime=0 by default, so the certificates issued with those profiles can be used immediately. However, some profiles have startTime=60 by default which means the certificate requester has to wait 1 minute before the certificate can be used. These profiles are:

  • caDualCert
  • caECDualCert
  • caJarSigningCert
  • caSignedLogCert

This delay seems to be unnecessary. It may confuse users unaware about the delay, and it may cause failures in automations if the delay is not taken into account.

To avoid problems the delay should not be included by default. If someone needs to use a delay, the profiles can still be customized as needed.


Per Bug Triage of 05/03/2016: 10.3.0

Metadata Update from @edewata:
- Issue assigned to edewata
- Issue set to the milestone: 10.3.1

7 years ago

Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new
issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.

This issue has been cloned to GitHub and is available here:
https://github.com/dogtagpki/pki/issues/2424

If you want to receive further updates on the issue, please navigate to the
GitHub issue and click on Subscribe button.

Thank you for understanding, and we apologize for any inconvenience.

Login to comment on this ticket.

Metadata