Implement certificate lifetime parameter as required by WebRTC RFC.

webrtc/base/sslidentity.cc

Index: webrtc/base/sslidentity.cc
diff --git a/webrtc/base/sslidentity.cc b/webrtc/base/sslidentity.cc
index 5f6b6869dd4db39cea25207532b41f6739255864..536e3aa7dc46726273cc16d598296a6ec8172d74 100644
--- a/webrtc/base/sslidentity.cc
+++ b/webrtc/base/sslidentity.cc
@@ -159,8 +159,10 @@ SSLCertificate* SSLCertificate::FromPEMString(const std::string& pem_string) {
 }
 
 SSLIdentity* SSLIdentity::Generate(const std::string& common_name,
-                                   const KeyParams& key_params) {
-  return OpenSSLIdentity::Generate(common_name, key_params);
+                                   const KeyParams& key_params,
+                                   time_t certificate_lifetime) {
+  return OpenSSLIdentity::Generate(common_name, key_params,

[hbos, 2016/02/12 11:40:12]

I think DCHECKing that |certificate_lifetime| is non-negative makes sense here.

[torbjorng (webrtc), 2016/02/12 12:58:00]

Which means test code cannot generate an expired certificate except by using
GenerateForTest() which you agreed should go away.

+                                   certificate_lifetime);
 }
 
 SSLIdentity* SSLIdentity::GenerateForTest(const SSLIdentityParams& params) {