cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Tom_Cripps
Silver

Certificate validity time hours after creation time

Hi,

I've recently recreated our HTTPS inspection certificate due to it expiring soon but it created the certificate with a valid from time 3 hours after creation?

Is this normal behaviour or has something gone wrong in the creation process? Due to this issue we've had to turn off HTTPS inspection until after the valid from time.

Any help is appreciated

Tom

0 Kudos
5 Replies
Highlighted
Admin
Admin

Re: Certificate validity time hours after creation time

It should create it as valid from the time you created it.
I assume you did it in SmartConsole?
Might be worth a TAC case.
0 Kudos
Tom_Cripps
Silver

Re: Certificate validity time hours after creation time

Hi Phoneboy,

Yes, made it through the HTTPS inspection part of SmartConsole.

Will raise a TAC case as the behaviour doesn't make any sense to me.

0 Kudos
Tom_Cripps
Silver

Re: Certificate validity time hours after creation time

Hi @PhoneBoy 

Support suspected this could be an NTP issues, i'm highly doubtful. I was made aware you can't do any system level time checking? My theory, could be completely wrong, but maybe the ICA has clock drifted? Is this even possible?

Open to ideas.

0 Kudos

Re: Certificate validity time hours after creation time

We had the same problem at CCSA training with HTTPS lab. It happened only for some students although they all had the same cloned environment.
0 Kudos
Admin
Admin

Re: Certificate validity time hours after creation time

The ICA just uses the system clock.
Assuming NTP is disabled, you can do a one-time sync with ntpdate pool.ntp.org from expert mode.
0 Kudos