PhenixID DocumentationPhenixID Authentication ServicesVersion 2.7 SolutionsChange expiration time of PhenixID OneTouch certificate

Change expiration time of PhenixID OneTouch certificate

This document describes how to change the default expiration date for PhenixID OneTouch certificates. This applies to the built-in Certificate Authority that ships with the PhenixID Authentication Services platform.

When integrating with external PKI/CA, please consult the CA supplier documentation.

Configuration

- Shutdown the PhenixID service

- Open config/phenix-store.json in a text editor

- Locate CA_CONFIGURATIONS

- Locate the CA object used for PhenixID OneTouch certificates.
"name" : "PhenixID One Touch CA

- Change the config->ca_profiles->0->rules->not_after->value. Default is 365 days.
The duration syntax follows the ISO8601 intervall standard.

Examples:

This will make PhenixID OneTouch certificates expire 10 days after activation.

"not_after" : {
            "value" : "duration:P10D"
          }

 

This will make PhenixID OneTouch certificates expire 36 hours after activation.

"not_after" : {
            "value" : "duration:PT36H"
          }