Currently, when using sbctl create-keys, the validity period is hardcoded:
c := x509.Certificate{
SerialNumber: serialNumber,
PublicKeyAlgorithm: x509.RSA,
SignatureAlgorithm: x509.SHA256WithRSA,
NotBefore: time.Now(),
NotAfter: time.Now().AddDate(5, 0, 0),
Subject: pkix.Name{
Country: []string{desc},
CommonName: desc,
},
}time.Now() can be overridden via faketime, but .AddDate(5, 0, 0) cannot.
Would it be possible to allow to configure the period?
Or, are there deeper reasons to not do this.
Currently, when using
sbctl create-keys, the validity period is hardcoded:time.Now()can be overridden viafaketime, but.AddDate(5, 0, 0)cannot.Would it be possible to allow to configure the period?
Or, are there deeper reasons to not do this.