So you're trying to cache the time_t of when they'll expire in your
caching system? How about CRL updates or OCSP checks, are they a
concern?

I believe there's a call to get the expiration date of a certificate
in text format, and a C function to turn that into a time_t. Will
that do what you need?

-Kyle H

On 1/30/06, Joe Gluck wrote:
> I will not get certificates today for after 2045 because the
> certificates that I am checking are certificates that already past a
> validation check and have been inserted into my cache system, therefor
> it is a certificate signed by our own system which does not sign for
> more then 25 year. most are 1 year.
>
> Thanks Joe

__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org