A null pointer exception will be thrown by EJBCA if you try to create a CA using a certificate profile that sets the private key usage period, but sets only the period length.
1. Create a new certificate profile called "TestProfile" based on the ROOTCA default profile.
2. Edit "TestProfile" certificate profile. Set the "Period length" option for "Private Key Usage Period". Do not enable or set the "Start offset" option.
3. Create a CA using the "TestProfile" certificate profile.
1. CA was created.
1. A null pointer exception is thrown.
The GUI should probably mandate providing both of these values (with the docs maybe needing a small update to mention that start period can be set to 0 or something similar). The RFC-5280 seems to mark both of these fields of the extension optional though.