bundles/letsencrypt: ensure-some-certificate shouldn't create 10-year-certs

2021-12-19 06:36:11 +01:00 · 2021-12-19 06:36:11 +01:00 · de3580a7d3
parent 04450d4b4c
commit de3580a7d3
1 changed files with 1 additions and 1 deletions
--- a/bundles/letsencrypt/files/letsencrypt-ensure-some-certificate
+++ b/bundles/letsencrypt/files/letsencrypt-ensure-some-certificate
@ -25,7 +25,7 @@ if [ "$already_exists" != true ]
 then
    rm -r "$cert_path"
    mkdir -p "$cert_path"
-    openssl req -x509 -newkey rsa:4096 -nodes -days 3650 -subj "/CN=$domain" -keyout "$cert_path/privkey.pem" -out "$cert_path/fullchain.pem"
+    openssl req -x509 -newkey rsa:4096 -nodes -days 1 -subj "/CN=$domain" -keyout "$cert_path/privkey.pem" -out "$cert_path/fullchain.pem"
    chmod 0600 "$cert_path/privkey.pem"
    cp "$cert_path/fullchain.pem" "$cert_path/chain.pem"
 fi