Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-1405

Support for adding PrivateKeyUsagePeriod certificate extension

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: EJBCA 4.0.2
    • Component/s: None
    • Labels:
      None

      Description

      A good use case for PrivateKeyUsage extension is ePassports. the Document signer certificate will be valid for say 5 years and three months. But it should only be used for three months (so the cert is valid for the lifetime of the last signed passport).
      If we set PrivateKeyUsagePeriod to three months, we can check in SignServer (mrtd sod signer) that the certificate is not used after this period.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              markus Markus Kilås
              Reporter:
              tomas Tomas Gustavsson
              Verified by:
              Tomas Gustavsson
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - 1 week
                  1w
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 2 days, 2 hours Time Not Required
                  2d 2h