Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug: tctl auth sign Validity Period is off by 1 minute #19

Open
one000mph opened this issue Oct 11, 2019 · 1 comment
Open

Bug: tctl auth sign Validity Period is off by 1 minute #19

one000mph opened this issue Oct 11, 2019 · 1 comment

Comments

@one000mph
Copy link

one000mph commented Oct 11, 2019
edited
Loading

The identify cert generated tctl auth sign is off by 1 minute

For an existing user

$ tctl auth sign --user teleport -o teleport_id
# file written
$ openssl x509 -text -noout -in teleport_id
Certificate:
    Data:
        Version: 3 (0x2)
...
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: O=grav-00, CN=grav-00
        Validity
-            Not Before: Oct 11 21:51:30 2019 GMT #Current
-            Not After : Oct 12 09:52:30 2019 GMT #Current
+            Not Before: Oct 11 21:51:30 2019 GMT #Expected
+            Not After : Oct 12 09:51:30 2019 GMT #Expected

The behavior is the same when the --ttl flag is set. --ttl 5m becomes a 6 minute duration
@benarent
Copy link

This looks like a bug, I'll copy it over the OSS repo

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@benarent @one000mph