When certifying certificates you can already set an expiry time. The main use case for that is that if you are some kind of company CA that certifies the employees keys you want to enforce validity settings based on your company guidelines so that when an employee later extends their certificate this extension needs to be validated by you as the CA again.
A setting for that would reduce the steps such a person would always need to check / click.
| rKLEOPATRA Kleopatra | |||
| rKLEOPATRA539fb878425d Make default certification validity configurable | |||
Eva this is a bit related to the certification documentation and we talked about this last week.
I suppose this means that, optionally, the certification should expire at the same date/time as the current validity of the certificate. Or shall this be a configurable fixed validity period of certifications?
This can be a fixed validity period of the certifications. So like 3 years. Even if the user has set the certificate to be valid for only one year the user could then extend it in my opinion to the full 3 years before the certification loses the validity.
The default validity of certifications is now configurable via the setting CertificationValidityInDays in the group [Certification]. It cannot be configured in the UI.