Comment by Y-bar

Comment by Y-bar 2 days ago

4 replies

View on Hacker News

How will this impact self-signed local certificates? Can we still use a five-year lifespan on those or do we need to reduce it to <398 days?

electroly 2 days ago

Your local certificates are not bound by the Baseline Requirements at all; they're irrelevant to you. You can do whatever you want if your CA is not in a root program.

Reply View 0 replies
[removed] 2 days ago
[deleted]
Reply View 0 replies
bawolff 2 days ago

The article doesn't even mention cert lifetimes.

But the answer is no, self-signed certs dont have to folllw c/ab.

Reply View 1 reply
  • Y-bar 2 days ago

    The links in the article mentions the hard limit on certificate lifetime.

    Reply View 0 replies