Make default certificate lifetime 30 days

This matches the W3C spec for generateCertificate. In the future we will add an argument that lets the user pass a max of 1 year. Relates to c6c241
2025-12-24 11:51:03 +08:00 · 2021-04-10 11:55:20 -07:00
parent c6c241d57c
commit e2fd97b053
1 changed files with 1 additions and 1 deletions
--- a/certificate.go
+++ b/certificate.go
@@ -147,7 +147,7 @@ func GenerateCertificate(secretKey crypto.PrivateKey) (*Certificate, error) {
 		BasicConstraintsValid: true,
 		NotBefore:             time.Now(),
 		KeyUsage:              x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
-		NotAfter:              time.Now().AddDate(10, 0, 0),
+		NotAfter:              time.Now().AddDate(0, 1, 0),
 		SerialNumber:          serialNumber,
 		Version:               2,
 		Subject:               pkix.Name{CommonName: hex.EncodeToString(origin)},