[openssl-users] Another problem with openssl x509 -req -- default_enddate

Michael Richardson mcr at sandelman.ca
Thu Aug 31 01:12:37 UTC 2017


Viktor Dukhovni <openssl-users at dukhovni.org> wrote:
    > The openssl ca(1) program is to some extent just a demo, that meets

I'd actually suggest that it be either:
  1) ripped out of the source code, and turned into a seperate "application".
  2) pushed internal to the source code (not installed), and used only for
     running regression tests.

The two actions are not mutually exclusive!

There are probably a dozen commands to which such an approach would help
improve both the APIs, and make the code easier for (others) to innovate
with.

    > only the simplest needs.  Perhaps you were looking for a turnkey
    > CLI, but you have a specialized new use-case, and it is not entirely
    > surprising that it is not directly supported.

+10.

--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        | network architect  [
]     mcr at sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [



More information about the openssl-users mailing list