Please check time function gtime()or gtime_r() return some time that is
going to compare certificate time before and after time. Then it will return
expire or going to expire. Please check it.



Thank you.

Regards,

--Ajeet Kumar Singh



Sarve Bhavantu Sukhina ,Sarve Santu NiramayaSarve Bhadrani Pashyantu , Maa
Kaschit Dukha Bhagh Bhavet



-----Original Message-----
From: owner-openssl-users@openssl.org
[mailtowner-openssl-users@openssl.org] On Behalf Of Rick Knight
Sent: Thursday, November 06, 2008 12:34 AM
To: openssl-users@openssl.org
Subject: Key.pme expiration problem

Hello,

Yesterday I created a new certificate request for use with Sendmail and
STARTTLS. I signed the request with my existing CA. This morning I'm
getting messages from certwatch say the key and cert are expired or are
going to expire in less than 7 days. My CA is good till December 2010,
and the request is good untill November 2009. When I run certwatch I
get these errors...

unable to load certificate
5143:error:0906D06C:PEM routines:PEM_read_bio:no start
lineem_lib.c:647:Expecting: TRUSTED CERTIFICATE
date: invalid date `+%s'
unable to load certificate
5173:error:0906D06C:PEM routines:PEM_read_bio:no start
lineem_lib.c:647:Expecting: TRUSTED CERTIFICATE
date: invalid date `+%s'
unable to load certificate
5203:error:0906D06C:PEM routines:PEM_read_bio:no start
lineem_lib.c:647:Expecting: TRUSTED CERTIFICATE
date: invalid date `+%s'
unable to load certificate
5235:error:0906D06C:PEM routines:PEM_read_bio:no start
lineem_lib.c:647:Expecting: TRUSTED CERTIFICATE
date: invalid date `+%s'
unable to load certificate
5260:error:0906D06C:PEM routines:PEM_read_bio:no start
lineem_lib.c:647:Expecting: TRUSTED CERTIFICATE
date: invalid date `+%s'

I have 5 files (3 certs and 2 keys) in /etc/mail/certs where certwatch
is watching and they all give this error. Only 1 cert and key is from
yesterday. The other 3 have been there for almost a year.

Is there a way to check the date on the key files to verify that they
are expiring. Is the error above causing the problem?

Thanks,
Rick
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org


__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org