Is there anyway to remove the NADATE/NATIME settings for a digital certificate so that it never expires?

search cancel

Is there anyway to remove the NADATE/NATIME settings for a digital certificate so that it never expires?

book

Article ID: 13388

calendar_today

Updated On:

Products

Top Secret Top Secret - LDAP

Issue/Introduction

Is there a way to remove the NADATE and NBDATE for a digital certificate so that it never expires?

Environment

Release: TOPSEC00200-15-Top Secret-Security
Component:

Resolution

A NBDATE (not before date) and NADATE (not after date) is required for digital certificates.

This is not a CA Top Secret requirement, but a requirement of the design and architecture of digital certificates which all products using digital certificates must adhere to.

Recommend setting the expiration date for 20 years which is the max.

Feedback

thumb_up Yes

thumb_down No