Increasing the expiration time for SSL certificate for Exim

[freshmint]

I issued a self-signed certificate for Exim by running the following commands:

openssl req -new -x509 -keyout /etc/exim.key.tmp -out /etc/exim.cert
openssl rsa -in /etc/exim.key.tmp -out /etc/exim.key
rm -f /etc/exim.key.tmp
service exim restart

The problem is the certificate expires after one month. I have already edited my /usr/share/ssl/openssl.cnf with the following lines in order to increase this expiration time to one year and it worked for the SSL certificate issued for Apache, but it has no effect on the Exim certificate.

default_days    = 365                   # how long to certify for
default_crl_days= 365                   # how long before next CRL

Should I edit another file or set it on another place? Does anyone know?

 

[freshmint]

Bump anyone?

 

[iceuk626]

This might work

openssl req -new -x509 -keyout -days 9999 /etc/exim.key.tmp -out /etc/exim.cert

 

[Marshall]

Try adding -days to the line so it looks like

openssl req -new -x509 -days 356 -keyout /etc/exim.key.tmp -out /etc/exim.cert

and see if that makes it the correct timespan.

 

[freshmint]

It worked, thank you both very much (though anyone that may try the first code will notice the args order needs to be fixed).