summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAde Lee <alee@redhat.com>2013-01-07 16:38:25 -0500
committerAde Lee <alee@redhat.com>2013-01-07 17:44:39 -0500
commitb8e407aa83f3ff4a4feea049e4ada54853b39f4d (patch)
tree4b438100761b5c8db71f966769f95cc8c768f5fc
parentb61f31bf15e733de5881cc070feb57aa3686c92d (diff)
downloadpki-b8e407aa83f3ff4a4feea049e4ada54853b39f4d.tar.gz
pki-b8e407aa83f3ff4a4feea049e4ada54853b39f4d.tar.xz
pki-b8e407aa83f3ff4a4feea049e4ada54853b39f4d.zip
Increase root CA validity to 20 years
Trac Ticket #466
-rw-r--r--base/ca/shared/conf/caCert.profile2
-rw-r--r--base/ca/shared/profiles/ca/caCACert.cfg4
-rw-r--r--base/common/src/com/netscape/cms/profile/def/CAValidityDefault.java2
-rw-r--r--base/common/src/com/netscape/cms/profile/def/ValidityDefault.java2
4 files changed, 5 insertions, 5 deletions
diff --git a/base/ca/shared/conf/caCert.profile b/base/ca/shared/conf/caCert.profile
index 3e9c83613..4cd22bafb 100644
--- a/base/ca/shared/conf/caCert.profile
+++ b/base/ca/shared/conf/caCert.profile
@@ -9,7 +9,7 @@ profileSetIDMapping=caCertSet
list=2,4,5,6,7,8
2.default.class=com.netscape.cms.profile.def.CAValidityDefault
2.default.name=CA Certificate Validity Default
-2.default.params.range=2922
+2.default.params.range=7305
2.default.params.startTime=0
4.default.class=com.netscape.cms.profile.def.AuthorityKeyIdentifierExtDefault
4.default.name=Authority Key Identifier Default
diff --git a/base/ca/shared/profiles/ca/caCACert.cfg b/base/ca/shared/profiles/ca/caCACert.cfg
index a88abdf1f..36f81b53b 100644
--- a/base/ca/shared/profiles/ca/caCACert.cfg
+++ b/base/ca/shared/profiles/ca/caCACert.cfg
@@ -20,12 +20,12 @@ policyset.caCertSet.1.default.name=Subject Name Default
policyset.caCertSet.1.default.params.name=
policyset.caCertSet.2.constraint.class_id=validityConstraintImpl
policyset.caCertSet.2.constraint.name=Validity Constraint
-policyset.caCertSet.2.constraint.params.range=2922
+policyset.caCertSet.2.constraint.params.range=7305
policyset.caCertSet.2.constraint.params.notBeforeCheck=false
policyset.caCertSet.2.constraint.params.notAfterCheck=false
policyset.caCertSet.2.default.class_id=caValidityDefaultImpl
policyset.caCertSet.2.default.name=CA Certificate Validity Default
-policyset.caCertSet.2.default.params.range=2922
+policyset.caCertSet.2.default.params.range=7305
policyset.caCertSet.2.default.params.startTime=0
policyset.caCertSet.3.constraint.class_id=keyConstraintImpl
policyset.caCertSet.3.constraint.name=Key Constraint
diff --git a/base/common/src/com/netscape/cms/profile/def/CAValidityDefault.java b/base/common/src/com/netscape/cms/profile/def/CAValidityDefault.java
index e3b834ce5..44ffd474f 100644
--- a/base/common/src/com/netscape/cms/profile/def/CAValidityDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/CAValidityDefault.java
@@ -100,7 +100,7 @@ public class CAValidityDefault extends EnrollDefault {
if (name.equals(CONFIG_RANGE)) {
return new Descriptor(IDescriptor.STRING,
null,
- "2922", /* 8 years */
+ "7305", /* 20 years */
CMS.getUserMessage(locale,
"CMS_PROFILE_VALIDITY_RANGE"));
} else if (name.equals(CONFIG_START_TIME)) {
diff --git a/base/common/src/com/netscape/cms/profile/def/ValidityDefault.java b/base/common/src/com/netscape/cms/profile/def/ValidityDefault.java
index 0c31fb0a8..b649c7076 100644
--- a/base/common/src/com/netscape/cms/profile/def/ValidityDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/ValidityDefault.java
@@ -90,7 +90,7 @@ public class ValidityDefault extends EnrollDefault {
if (name.equals(CONFIG_RANGE)) {
return new Descriptor(IDescriptor.STRING,
null,
- "2922",
+ "7305",
CMS.getUserMessage(locale,
"CMS_PROFILE_VALIDITY_RANGE"));
} else if (name.equals(CONFIG_START_TIME)) {