aboutsummaryrefslogtreecommitdiff
path: root/create_cert.go
diff options
context:
space:
mode:
Diffstat (limited to 'create_cert.go')
-rw-r--r--create_cert.go10
1 files changed, 10 insertions, 0 deletions
diff --git a/create_cert.go b/create_cert.go
index 56ec4ca..602d01d 100644
--- a/create_cert.go
+++ b/create_cert.go
@@ -47,6 +47,7 @@ func CreateCert(args []string) error {
flagKeyExtUsage stringList
flagNotBefore string
flagNotAfter string
+ flagDuration time.Duration
flagSerial int64
flagLength int
flagIsCA bool
@@ -78,6 +79,12 @@ func CreateCert(args []string) error {
time.Now().Format(time.RFC3339),
"time after the certificate is not valid in RFC3339 format (default now)",
)
+ fs.DurationVar(
+ &flagDuration,
+ "duration",
+ 9*time.Second,
+ "set a duration for which the certificate should be valid. If set, NotAfter will be ignored.",
+ )
fs.Parse(args)
if flagPrivate == "" {
@@ -114,6 +121,9 @@ func CreateCert(args []string) error {
if notBefore.After(notAfter) {
return fmt.Errorf("before and after range is wrong")
}
+ if flagDuration > 0*time.Second {
+ notAfter = notBefore.Add(flagDuration)
+ }
cert_opts := pki.CertificateOptions{
SerialNumber: big.NewInt(flagSerial),
NotBefore: notBefore,
generated by cgit v1.3.1 (git 2.54.0) at 2026-06-13 23:50:26 +0000