diff options
| author | Adam Langley <agl@golang.org> | 2012-10-29 11:16:58 -0400 |
|---|---|---|
| committer | Adam Langley <agl@golang.org> | 2012-10-29 11:16:58 -0400 |
| commit | 184e7a2bf2d091a48029f9953693a2b9f3ba3cc1 (patch) | |
| tree | 8aeb7546fa032ccd081b837c651e57c2b9d51fb0 /src/pkg/crypto | |
| parent | 4d17fe3cd62788b9b15af471806063f8cc071c97 (diff) | |
| download | go-184e7a2bf2d091a48029f9953693a2b9f3ba3cc1.tar.xz | |
crypto/x509: always write validity times in UTC.
RFC 5280 section 4.1.2.5.1 says so.
R=golang-dev, bradfitz
CC=golang-dev
https://golang.org/cl/6775068
Diffstat (limited to 'src/pkg/crypto')
| -rw-r--r-- | src/pkg/crypto/x509/x509.go | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/pkg/crypto/x509/x509.go b/src/pkg/crypto/x509/x509.go index cfefbc5ace..5cfd09008c 100644 --- a/src/pkg/crypto/x509/x509.go +++ b/src/pkg/crypto/x509/x509.go @@ -1224,7 +1224,7 @@ func CreateCertificate(rand io.Reader, template, parent *Certificate, pub interf SerialNumber: template.SerialNumber, SignatureAlgorithm: signatureAlgorithm, Issuer: asn1.RawValue{FullBytes: asn1Issuer}, - Validity: validity{template.NotBefore, template.NotAfter}, + Validity: validity{template.NotBefore.UTC(), template.NotAfter.UTC()}, Subject: asn1.RawValue{FullBytes: asn1Subject}, PublicKey: publicKeyInfo{nil, publicKeyAlgorithm, encodedPublicKey}, Extensions: extensions, @@ -1314,8 +1314,8 @@ func (c *Certificate) CreateCRL(rand io.Reader, priv interface{}, revokedCerts [ Algorithm: oidSignatureSHA1WithRSA, }, Issuer: c.Subject.ToRDNSequence(), - ThisUpdate: now, - NextUpdate: expiry, + ThisUpdate: now.UTC(), + NextUpdate: expiry.UTC(), RevokedCertificates: revokedCerts, } |