Extending default validity for self-generated SSL certificates

When I installed GForge recently, I had to generate an SSL certificate as part of the installation since GForge runs on https. However, the make-ssl-cert tool does not provide a way to customize the validity of the generated certificate, which is 30 days by default.

As it turns out, this problem is known for 3 years, and it is still not fixed in Ubuntu 8.04.

The easiest workaround is to edit the make-ssl-cert script using

whereis make-ssl-cert
sudo nano [path-to/]make-ssl-cert

and replace the line

openssl req -config $TMPFILE -new -x509 -nodes -out $output
    -keyout $output

with

openssl req -config $TMPFILE -new -x509 -days 365 -nodes 
    -out $output -keyout $output

That’s it.

This entry was posted on Wednesday, July 16th, 2008 at 23:44 and is filed under Ubuntu. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

2 Responses to Extending default validity for self-generated SSL certificates

  1. Extending default validity for self-generated SSL certificates says:
    July 17, 2008 at 0:10

    […] Read the original post: Extending default validity for self-generated SSL certificates […]

    Reply
  2. Tutorial on how to Install Apache, Subversion and Trac with Virtual Hosting suppor in Ubuntu Linux says:
    November 2, 2008 at 23:21

    […] default Ubuntu SSL cert is only for 30 days, so, we changed this to be 365 a little more sane no? Thanks for the tip […]

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: