I'm trying to send a pkcs10 CSR to a CA but need to define the life/validity of the certificate and override the profile information created in the CA. I'm using BouncyCastle 1.55 and org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder.
Thanks in advance of the help!
On
The information about the validity period (lifetime) is not part of the certificate signing request - also not listed as optional attribute in PKCS#9.
Extract requested validity period from a Certificate Signing Request using OpenSSL
pKCS#10 may set some attributes that CA could include (or not) in the certificate. But the validity of the certificate is not one af those fields. You can see the list of.available in the PKCS#9 RFC