« Previous | Next » 

Revision 27e46076


Added by Michael Hanselmann over 13 years ago

utils: Add function to extract X509 cert validity

X509 uses ASN1 GENERALIZEDTIME or UTCTIME to store certificate validity.
pyOpenSSL 0.7 and above allow us to retrieve both “notBefore” and
“notAfter” as strings. Parsing them turned out to be a challenge since
they can be in a variety of formats (YYYYMMDDhhmmssZ, YYYYMMDDhhmmss+hhmm
or YYYMMDDhhmmss-hhmm).

This will be used to verify the validity of cluster certificates in

Signed-off-by: Michael Hanselmann <>
Reviewed-by: Iustin Pop <>


  • added
  • modified
  • copied
  • renamed
  • deleted

View differences