Bug 39257 - Option -days for univention-certificate new
Option -days for univention-certificate new
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: SSL
UCS 4.0
All Linux
: P4 normal (vote)
: UCS 4.1-2-errata
Assigned To: Philipp Hahn
Janek Walkenhorst
:
Depends on: 823
Blocks:
  Show dependency treegraph
 
Reported: 2015-08-25 10:58 CEST by Janis Meybohm
Modified: 2016-07-21 15:16 CEST (History)
6 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Janis Meybohm univentionstaff 2015-08-25 10:58:00 CEST
+++ This bug was initially created as a clone of Bug #823 +++

"univention-certificate new" does not respect the option "-days <days>".

Example:
root@master:~# ucr get ssl/default/days
1825
root@master:~# univention-certificate new -name barbara.test.days -days 5
Creating certificate: barbara.test.days
Generating RSA private key, 2048 bit long modulus
...........................+++
.......+++
e is 65537 (0x10001)
Using configuration from openssl.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName           :PRINTABLE:'US'
stateOrProvinceName   :PRINTABLE:'DE'
localityName          :PRINTABLE:'DE'
organizationName      :PRINTABLE:'lrh-mv'
organizationalUnitName:PRINTABLE:'Univention Corporate Server'
commonName            :PRINTABLE:'barbara.test.days'
emailAddress          :IA5STRING:'ssl@sn.lrh-mv.de'
Certificate is to be certified until Aug 23 08:56:29 2020 GMT (1825 days)

Write out database with 1 new entries
Data Base Updated
root@master:~# openssl x509 -in /etc/univention/ssl/barbara.test.days/cert.pem -noout -text | grep -A2 Validity
        Validity
            Not Before: Aug 25 08:56:29 2015 GMT
            Not After : Aug 23 08:56:29 2020 GMT
Comment 1 Philipp Hahn univentionstaff 2016-06-23 14:12:33 CEST
r70559 | Bug #39257 ssl: Allow univention-certificate new -days

Package: univention-ssl
Version: 10.0.0-11.168.201606230839
Version: 10.0.0-12.169.201606231402
Branch: ucs_4.1-0
Scope: errata4.1-2

r70577 | Bug #31369,Bug #39257,Bug #24094,Bug #40498,Bug #25285,Bug #35748: ssl YAML
 univention-ssl.yaml
Comment 2 Janek Walkenhorst univentionstaff 2016-07-13 19:28:50 CEST
Tests: OK
Code review: OK
Advisory: OK
Comment 3 Janek Walkenhorst univentionstaff 2016-07-21 15:16:09 CEST
<http://errata.software-univention.de/ucs/4.1/213.html>