If you want to use a certificate of a certificate authority you will usually find the maximum period in the authorities policy.
If you use a self-signed certificate, then you can choose the duration by yourself only limited by the specification.
質問
I understand that when signing a JAR, it is possible to extend the default certificate expiration date of of 90 days by using -validity
.
Since what I'm making is an embedded system, I would like to have the certificate last indefinitely, or at least several years. Having to constantly resign the JAR's would be dangerous.
Is there a way to make the time infinite or is simply putting a few thousand days the best route?
Edit:
It is my intent to use a certificate authority, specifically Verisign.
解決
If you want to use a certificate of a certificate authority you will usually find the maximum period in the authorities policy.
If you use a self-signed certificate, then you can choose the duration by yourself only limited by the specification.