Closed humphd closed 1 year ago
The problem here is that we're using the expiry of the order, not the certificate, see https://datatracker.ietf.org/doc/html/rfc8555#section-7.1.3.
We need to parse the validity data out of the cert itself. I'll make a PR.
After landing the
orderUrl
fix on production and clearing out the old certificates in the db, I was able to make a certificate. The new certificate says it's only valid for 7 days:However, if I decode the certificate, it shows:
So something is not right with our certificate date logic.