Is there an option with ic-starter to set the local replica to support certificates validity length longer than 5 minutes?
Let’s say I want to avoid the following issue without worrying about the time zone and want to set a 24-hour validity.
Invalid certificate: Certificate is signed more than 5 minutes in the past. Certificate time: 2024-03-0216:46:09.030Z Current time: 2024-03-
0313: 26:09.913Z
Or alternatively, how can I specify the local replica time zone and time when I start it locally with ic-starter and icx-proxy?
Notes: I’ve made many tries where I modify and apply another TZ=America/Tijuana time zone before starting both threads, still, the local replica time keeps being set to my time zone. So I’m really curious to know where the local replica gets its time reference.
1 Like
I don’t think either of that is possible. You can see all the option ic-starter supports with $(dfx cache show)/ic-starter --help and I don’t see anything like that in there or in icx-proxy
My best guess is that the replica picks up the time from the system time. And it’s not scared of jumping forward to the current time
1 Like
I had the same feeling, thanks for confirming.
Do you know where we can double check this? I made various test and explicitely set TZ=America/Tijuana but, when doing a lookup with agent-js on the time, I still got my local time and not a time on the time zone on which I started the replica.
I did some (very light) investigating and found an important reference to SystemTime::now() here, which seems to be used in a few quite important places (e.g. artifact pool or consensus validator). The places I checked where time gets set explicitly is all in tests
1 Like
Thanks! That makes sense, so it’s always UTC. I should try to set TZ as UTC then.