> I will not get certificates today for after 2045 because the
> certificates that I am checking are certificates that already past a
> validation check and have been inserted into my cache system, therefor
> it is a certificate signed by our own system which does not sign for
> more then 25 year. most are 1 year.
>
> Thanks Joe


You may have a special case, but you can't expect the library to be
designed for your special case. You'll run into trouble after 2015 anyway --
any special reason you're designing things to break in 10 years?

DS


__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org