bmcweb Security issue
Bruce Mitchell
Bruce_Mitchell at phoenix.com
Thu Feb 13 04:52:52 AEDT 2020
bmcweb Security issue: according to the The CA/Browser Forum https://cabforum.org/wp-content/uploads/CA-Browser-Forum-BR-1.6.7.pdf ;
Subscriber Certificates issued after 1 March 2018 MUST have a Validity Period no greater than 825 days.
In bmcweb's ssl_key_handler.hpp we have:
// Cert is valid for 10 years
X509_gmtime_adj(X509_get_notAfter(x509),
60L * 60L * 24L * 365L * 10L);
I believe we want this changed to the 825 days.
More information about the openbmc
mailing list