View Source X509.Certificate.Validity (X509 v0.8.9)
Convenience functions for creating :Validity
records for use in
certificates. The :Validity
record represents the X.509 Validity
type, defining the validity of a certificate in terms of notBefore
and notAfter
timestamps.
Link to this section Summary
Types
:Validity
record, as used in Erlang's :public_key
module
X.509 Time type (UTCTime or GeneralizedTime)
Functions
Creates a new :Validity
record with an notAfter
value a given number of
days in the future. The notBefore
value can be backdated (by default
300 seconds) to avoid newly issued certificates
from being rejected by peers due to poorly synchronized clocks.
Creates a new :Validity
record with the given start and end timestamps
in DateTime format.
Link to this section Types
@type t() :: X509.ASN1.record(:validity)
:Validity
record, as used in Erlang's :public_key
module
@type time() :: {:utcTime | :generalTime, charlist()}
X.509 Time type (UTCTime or GeneralizedTime)
Link to this section Functions
@spec days_from_now(integer(), non_neg_integer()) :: t()
Creates a new :Validity
record with an notAfter
value a given number of
days in the future. The notBefore
value can be backdated (by default
300 seconds) to avoid newly issued certificates
from being rejected by peers due to poorly synchronized clocks.
For CA certificates, consider using new/2
instead, with a not_before
value that does not reveal the exact time when the key pair was generated.
This minimizes information leakage about the state of the RNG.
@spec new(DateTime.t(), DateTime.t()) :: t()
Creates a new :Validity
record with the given start and end timestamps
in DateTime format.
examples
Examples:
iex> {:ok, not_before, 0} = DateTime.from_iso8601("2018-01-01T00:00:00Z")
iex> {:ok, not_after, 0} = DateTime.from_iso8601("2018-12-31T23:59:59Z")
iex> X509.Certificate.Validity.new(not_before, not_after)
{:Validity, {:utcTime, ~c"180101000000Z"}, {:utcTime, ~c"181231235959Z"}}
iex> {:ok, not_before, 0} = DateTime.from_iso8601("2051-01-01T00:00:00Z")
iex> {:ok, not_after, 0} = DateTime.from_iso8601("2051-12-31T23:59:59Z")
iex> X509.Certificate.Validity.new(not_before, not_after)
{:Validity, {:generalTime, ~c"20510101000000Z"},
{:generalTime, ~c"20511231235959Z"}}