From 62cb6d22494bd93d15dfd4ab084a0679db79882f Mon Sep 17 00:00:00 2001
From: yggverse <yggverse@project>
Date: Sat, 3 Aug 2024 01:19:20 +0300
Subject: [PATCH] update default CSR_SIGN_DAYS value

---
 src/Interface/Model/Identity.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/Interface/Model/Identity.php b/src/Interface/Model/Identity.php
index 608e5900..dab95011 100644
--- a/src/Interface/Model/Identity.php
+++ b/src/Interface/Model/Identity.php
@@ -14,7 +14,11 @@ use \OpenSSLCertificateSigningRequest;
  */
 interface Identity
 {
-    public const CSR_SIGN_DAYS = 365;
+    /*
+     * Industry standards recommend limiting the validity period of public SSL/TLS certificates to 397 days.
+     * This is a guideline default value provided by the CA/B Forum to improve security and manage risk.
+     */
+    public const CSR_SIGN_DAYS = 397;
 
     public const PRIVATE_KEY_BITS = 2048;
     public const PRIVATE_KEY_TYPE = OPENSSL_KEYTYPE_RSA;