|
|
Hi Konrad Karl wrote: > Hi > .. > > I admit but I have been hurt by a failing CMOS clock which required > travelling (been locked out), and in addition, embedded systems might have no > accurate wall clock so I will have to fake the date and time > anyways. I am using embedded systems all the time and those typically don't have cmos clocks. I _always_ run a ntp server on those systems to have accurate time. > ... > > Thanks very much, I was not aware about these ????date options. It seems the > next task is to figure out what is the equivalent of "infinity" specifying start and end > dates. :-) > > Given that I have full control over the CA, is there any security gain if the > certs have date/time based validity? AFAIK it is just that a X.509 certificate has a date/time based validity cheers Erich ______________________ OpenVPN mailing lists https://lists.sourceforge.net/lists/listinfo/openvpn-users |