View Source X509.Certificate.Validity (X509 v0.8.9)

Convenience functions for creating :Validity records for use in certificates. The :Validity record represents the X.509 Validity type, defining the validity of a certificate in terms of notBefore and notAfter timestamps.

Link to this section Summary

Types

t()

:Validity record, as used in Erlang's :public_key module

X.509 Time type (UTCTime or GeneralizedTime)

Functions

Creates a new :Validity record with an notAfter value a given number of days in the future. The notBefore value can be backdated (by default 300 seconds) to avoid newly issued certificates from being rejected by peers due to poorly synchronized clocks.

Creates a new :Validity record with the given start and end timestamps in DateTime format.

Link to this section Types

@type t() :: X509.ASN1.record(:validity)

:Validity record, as used in Erlang's :public_key module

@type time() :: {:utcTime | :generalTime, charlist()}

X.509 Time type (UTCTime or GeneralizedTime)

Link to this section Functions

Link to this function

days_from_now(days, backdate_seconds \\ 300)

View Source
@spec days_from_now(integer(), non_neg_integer()) :: t()

Creates a new :Validity record with an notAfter value a given number of days in the future. The notBefore value can be backdated (by default 300 seconds) to avoid newly issued certificates from being rejected by peers due to poorly synchronized clocks.

For CA certificates, consider using new/2 instead, with a not_before value that does not reveal the exact time when the key pair was generated. This minimizes information leakage about the state of the RNG.

Link to this function

new(not_before, not_after)

View Source
@spec new(DateTime.t(), DateTime.t()) :: t()

Creates a new :Validity record with the given start and end timestamps in DateTime format.

examples

Examples:

iex> {:ok, not_before, 0} = DateTime.from_iso8601("2018-01-01T00:00:00Z")
iex> {:ok, not_after, 0} = DateTime.from_iso8601("2018-12-31T23:59:59Z")
iex> X509.Certificate.Validity.new(not_before, not_after)
{:Validity, {:utcTime, ~c"180101000000Z"}, {:utcTime, ~c"181231235959Z"}}

iex> {:ok, not_before, 0} = DateTime.from_iso8601("2051-01-01T00:00:00Z")
iex> {:ok, not_after, 0} = DateTime.from_iso8601("2051-12-31T23:59:59Z")
iex> X509.Certificate.Validity.new(not_before, not_after)
{:Validity, {:generalTime, ~c"20510101000000Z"},
  {:generalTime, ~c"20511231235959Z"}}