Can the validity period of the Self-Signed Certificate that IIS 7.0 manager creates be changed ?

Can the validity period of the Self-Signed Certificate that IIS 7.0 manager creates be changed ?

  • Comments 1

IIS 7.0 has a nice feature of creating self-signed certificates …  very handy for creating test certificates.

I was recently asked if there is a way to modify the validity period of the certificate it creates.

Unfortunately  No!

The module that creates the certificate uses a simple logic of incrementing the year by 1. Something like

SYSTEMTIME systemtime = new SYSTEMTIME();

systemtime.wYear = (short) (DateTime.Now.Date.Year + 1);

systemtime.wMonth = (short) DateTime.Now.Date.Month;

systemtime.wDay = (short) DateTime.Now.Date.Day;

It’s hardcoded and hence the validity of the certificate will always be 1 year from the current date.

Also the name of the certificate will always be the FQDN.

In case you want to create certificates with a shorter validity period or different names there are are a lot of tools like SelfSSL that you can use to generates self-signed certificates.


Bookmark and Share

Leave a Comment
  • Please add 7 and 7 and type the answer here:
  • Post