[cisco-voip] VCS 8.2 won't accept Trusted CA Cert with expiration date of 40 years from now - shows it as expired Dec 31, 1969
Heim, Dennis
Dennis.Heim at wwt.com
Thu Dec 4 14:52:57 EST 2014
That bug definitely gets an honorable mention.
Dennis Heim | Emerging Technology Architect (Collaboration)
World Wide Technology, Inc. | +1 314-212-1814
[cid:image001.png at 01D00FC9.9BCD23A0]<https://twitter.com/CollabSensei>
[cid:image002.png at 01D00FC9.9BCD23A0]<xmpp:dennis.heim at wwt.com>[cid:image003.png at 01D00FC9.9BCD23A0]<tel:+13142121814>[cid:image004.png at 01D00FC9.9BCD23A0]<sip:dennis.heim at wwt.com>
"Innovation happens on project squared" -- http://www.projectsquared.com
From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Joe Martini
Sent: Thursday, December 04, 2014 12:11 PM
To: Jeremy Bresley; bvanbens at gmail.com; Josh Warcop
Cc: cisco-voip at puck.nether.net
Subject: Re: [cisco-voip] VCS 8.2 won't accept Trusted CA Cert with expiration date of 40 years from now - shows it as expired Dec 31, 1969
Brian,
Looks like this https://tools.cisco.com/bugsearch/bug/CSCup81787 and there is a fix in the next version.
Joe
On Dec 4, 2014, at 12:28 PM, Jeremy Bresley <brez at brezworks.com<mailto:brez at brezworks.com>> wrote:
On 12/4/2014 9:58 AM, Brian V wrote:
Customer provided me their root CA and intermediate CA (internal) to load on the VCS-C
The intermediate cert (expires in 20 yr) is loaded fine, when loading the root cert (expires in 40 yr) it says its already expired in 1969 !
Is there a limit on the length of a Cert or perhaps just a bug in code ?
Anyone run into this before ?
This is the longest I've seen someone sign a cert for. Is this common to use such a long duration ?
I have a TAC case open, still waiting to be contacted by them.
First thought would be 32-bit UNIX time wrapping in 2038. Pretty sure that VCS is based on Linux. The 20 year cert would be within that range, the 40 year one wouldn't be. I'd be curious if both of them being 20 years resolves it.
And I chuckled when I read it, we're going through headaches with certs and renewals/replacements right now, and I really wish I could do 40 years on them so I would be long gone before they expired and had to be replaced again. ;-)
Jeremy "TheBrez" Bresley
brez at brezworks.com<mailto:brez at brezworks.com>
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20141204/5299bc99/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 3876 bytes
Desc: image001.png
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20141204/5299bc99/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 1389 bytes
Desc: image002.png
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20141204/5299bc99/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 1292 bytes
Desc: image003.png
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20141204/5299bc99/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 1391 bytes
Desc: image004.png
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20141204/5299bc99/attachment-0003.png>
More information about the cisco-voip
mailing list