diff options
| author | Gibheer <gibheer+git@zero-knowledge.org> | 2026-06-10 21:41:59 +0200 |
|---|---|---|
| committer | Gibheer <gibheer+git@zero-knowledge.org> | 2026-06-10 21:41:59 +0200 |
| commit | f710d9efc7051faa7808e74216ae70f8138bfc33 (patch) | |
| tree | 8102bce799471b37f460c16cd0105484e7fd11bf | |
| parent | 99357aadbbe1a30f36b8fbbb0758c3ed6c2e879e (diff) | |
| -rw-r--r-- | create_cert.go | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/create_cert.go b/create_cert.go index 56ec4ca..602d01d 100644 --- a/create_cert.go +++ b/create_cert.go @@ -47,6 +47,7 @@ func CreateCert(args []string) error { flagKeyExtUsage stringList flagNotBefore string flagNotAfter string + flagDuration time.Duration flagSerial int64 flagLength int flagIsCA bool @@ -78,6 +79,12 @@ func CreateCert(args []string) error { time.Now().Format(time.RFC3339), "time after the certificate is not valid in RFC3339 format (default now)", ) + fs.DurationVar( + &flagDuration, + "duration", + 9*time.Second, + "set a duration for which the certificate should be valid. If set, NotAfter will be ignored.", + ) fs.Parse(args) if flagPrivate == "" { @@ -114,6 +121,9 @@ func CreateCert(args []string) error { if notBefore.After(notAfter) { return fmt.Errorf("before and after range is wrong") } + if flagDuration > 0*time.Second { + notAfter = notBefore.Add(flagDuration) + } cert_opts := pki.CertificateOptions{ SerialNumber: big.NewInt(flagSerial), NotBefore: notBefore, |