security: Make self-signed certificate valid from 1970-01-01 to now()+20 years
Previously set now()+1000 years doesn't work because of the bug #3915
Change-Id: Ia83a0bc921f49424fc19bcd15aad642a87e76803
diff --git a/src/security/v2/key-chain.cpp b/src/security/v2/key-chain.cpp
index f3ebc62..de9281d 100644
--- a/src/security/v2/key-chain.cpp
+++ b/src/security/v2/key-chain.cpp
@@ -568,8 +568,10 @@
// set signature-info
SignatureInfo signatureInfo;
- signatureInfo.setValidityPeriod(ValidityPeriod(time::system_clock::now(),
- time::system_clock::now() + time::days(1000 * 365)));
+ // Note time::system_clock::max() or other NotAfter date results in incorrect encoded value
+ // because of overflow during conversion to boost::posix_time::ptime (bug #3915).
+ signatureInfo.setValidityPeriod(ValidityPeriod(time::system_clock::TimePoint(),
+ time::system_clock::now() + time::days(20 * 365)));
sign(certificate, SigningInfo(key).setSignatureInfo(signatureInfo));