alexvanin/certificates
1
0
Fork 0
forked from TrueCloudLab/certificates
Code Pull requests Activity

FAQ Update: Intermediate certificates should be valid for 10 years

Browse source
This commit is contained in:
Carl Tashian 2020-02-26 10:17:32 -08:00
parent 043233f90f
commit a1debf7b1e
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
docs/questions.md
View file

@ -171,7 +171,7 @@ aws acm-pca issue-certificate \
--csr intermediate.csr \ --csr intermediate.csr \
--template-arn "arn:aws:acm-pca:::template/SubordinateCACertificate_PathLen1/V1" \ --template-arn "arn:aws:acm-pca:::template/SubordinateCACertificate_PathLen1/V1" \
--signing-algorithm "SHA256WITHRSA" \ --signing-algorithm "SHA256WITHRSA" \
--validity Value=365,Type="DAYS" --validity Value=3650,Type="DAYS"
``` ```
This command will return the ARN of the certificate created. Now use [get-certificate](https://docs.aws.amazon.com/cli/latest/reference/acm-pca/get-certificate.html) to fetch the intermediate certificate: This command will return the ARN of the certificate created. Now use [get-certificate](https://docs.aws.amazon.com/cli/latest/reference/acm-pca/get-certificate.html) to fetch the intermediate certificate:
@ -188,7 +188,7 @@ aws acm-pca get-certificate \
```bash ```bash
openssl ca -config [ROOT_CA_CONFIG_FILE] \ openssl ca -config [ROOT_CA_CONFIG_FILE] \
-extensions v3_intermediate_ca \ -extensions v3_intermediate_ca \
-days 365 -notext -md sha512 \ -days 3650 -notext -md sha512 \
-in intermediate.csr \ -in intermediate.csr \
-out intermediate.crt -out intermediate.crt
``` ```