crypto/x509: always write validity times in UTC.

RFC 5280 section 4.1.2.5.1 says so. R=golang-dev, bradfitz CC=golang-dev https://golang.org/cl/6775068

crypto/x509: always write validity times in UTC.
RFC 5280 section 4.1.2.5.1 says so. R=golang-dev, bradfitz CC=golang-dev https://golang.org/cl/6775068
184e7a2b · Adam Langley · 4d17fe3c · 184e7a2b
Commit 184e7a2b authored Oct 29, 2012 by Adam Langley
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 3 deletions

src/pkg/crypto/x509/x509.go src/pkg/crypto/x509/x509.go +3 -3

No files found.
--- a/src/pkg/crypto/x509/x509.go
+++ b/src/pkg/crypto/x509/x509.go
@@ -1224,7 +1224,7 @@ func CreateCertificate(rand io.Reader, template, parent *Certificate, pub interf
 		SerialNumber:       template.SerialNumber,
 		SignatureAlgorithm: signatureAlgorithm,
 		Issuer:             asn1.RawValue{FullBytes: asn1Issuer},
-		Validity:           validity{template.NotBefore, template.NotAfter},
+		Validity:           validity{template.NotBefore.UTC(), template.NotAfter.UTC()},
 		Subject:            asn1.RawValue{FullBytes: asn1Subject},
 		PublicKey:          publicKeyInfo{nil, publicKeyAlgorithm, encodedPublicKey},
 		Extensions:         extensions,
@@ -1314,8 +1314,8 @@ func (c *Certificate) CreateCRL(rand io.Reader, priv interface{}, revokedCerts [
 			Algorithm: oidSignatureSHA1WithRSA,
 		},
 		Issuer:              c.Subject.ToRDNSequence(),
-		ThisUpdate:          now,
+		ThisUpdate:          now.UTC(),
-		NextUpdate:          expiry,
+		NextUpdate:          expiry.UTC(),
 		RevokedCertificates: revokedCerts,
 	}