If you want to implement this feature, comment to let us know (we'll work with you on design, scheduling, etc.)
Issue details
Currently, certificate lifetimes can only be given in hours, minutes and seconds. If you want to create a cert with a 90 day life, you cant say --not-after 90d but instead have to put --not-after 2160h
We should be able to use time periods in days or years; months might be awkward as they are different lengths and the 'm' would clash with 'minutes' but maybe '1M' could mean '30d'?
I would like to be able to use time windows such as
--not-after 1y
--not-after 90d
--not-after 3mo (this one I could live without though)
Why is this needed?
This is a relatively simple change that would be a bit improvement on usability when creating longer-lived certificates such as for hosts and services, which typically want to live for 90 days or 1 year. Giving longer times in hours is confusing and error-prone.
Hello!
Issue details
Currently, certificate lifetimes can only be given in hours, minutes and seconds. If you want to create a cert with a 90 day life, you cant say
--not-after 90dbut instead have to put--not-after 2160hWe should be able to use time periods in days or years; months might be awkward as they are different lengths and the 'm' would clash with 'minutes' but maybe '1M' could mean '30d'?
I would like to be able to use time windows such as
--not-after 1y--not-after 90d--not-after 3mo(this one I could live without though)Why is this needed?
This is a relatively simple change that would be a bit improvement on usability when creating longer-lived certificates such as for hosts and services, which typically want to live for 90 days or 1 year. Giving longer times in hours is confusing and error-prone.