From c1f087e5ecea991b857fa26b65f0dfa652dcd036 Mon Sep 17 00:00:00 2001
From: yggverse <yggverse@project>
Date: Fri, 2 Aug 2024 23:06:15 +0300
Subject: [PATCH] use max possible certificate age for user identities

---
 src/Model/Identity/Gemini.php | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/Model/Identity/Gemini.php b/src/Model/Identity/Gemini.php
index 4c4e413d..0f41e8fe 100644
--- a/src/Model/Identity/Gemini.php
+++ b/src/Model/Identity/Gemini.php
@@ -10,8 +10,8 @@ use \OpenSSLCertificate;
 
 class Gemini extends \Yggverse\Yoda\Abstract\Model\Identity
 {
-    // Update defaults
-    public const CSR_SIGN_DAYS = 365 * 1965; // @TODO
+    // Init defaults
+    public const CSR_SIGN_DATE = '99991231235959Z';
 
     // Init identity variables
     protected OpenSSLAsymmetricKey $_key;
@@ -32,7 +32,11 @@ class Gemini extends \Yggverse\Yoda\Abstract\Model\Identity
             ),
             $this->_key,
             null,
-            self::CSR_SIGN_DAYS
+            intval( // use max possible certificate age for user identities
+                floor(
+                    (strtotime(self::CSR_SIGN_DATE) - time()) / (60 * 60 * 24)
+                )
+            )
         );
     }