aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--main.go9
1 files changed, 8 insertions, 1 deletions
diff --git a/main.go b/main.go
index 590aff2..affb784 100644
--- a/main.go
+++ b/main.go
@@ -233,11 +233,18 @@ func main() {
log.Fatalln("error: could not parse the CA certificate:", err)
}
}
+ if tmpl.NotBefore.Before(parentCert.NotBefore) {
+ log.Fatalf("error: certificate starts before (%v) its parent (%v)",
+ tmpl.NotBefore, parentCert.NotBefore)
+ }
+ if tmpl.NotAfter.After(parentCert.NotAfter) {
+ log.Fatalf("error: certificate expires after (%v) its parent (%v)",
+ tmpl.NotAfter, parentCert.NotAfter)
+ }
cert, err := x509.CreateCertificate(rand.Reader, tmpl, parentCert, &key.PublicKey, parentKey)
if err != nil {
log.Fatalln("error: could not generate the certificate:", err)
}
-
keyOut, err := os.OpenFile(out+".key", os.O_CREATE|os.O_EXCL|os.O_WRONLY, 0600)
if err != nil {
log.Fatalln("error: could not create the private key:", err)
generated by cgit v1.2.3-70-g09d2 (git 2.52.0) at 2025-12-06 23:45:47 +0000