[Help-gnutls] Re: gnutls_certificate_get_peers() and expired certs

Simon Josefsson simon at josefsson.org
Mon May 26 14:27:07 CEST 2008

"Rainer Gerhards" <rgerhards at gmail.com> writes:

> Hi list,
> I have used  gnutls_certificate_get_peers() with expired certificates.
> The validation check returned successfully. From the documentation it
> looks like this is expected behavior and I always must check this
> manually. Please let me know if my assumption is correct (I would like
> to implement in the best possible way and not use customer code where
> I can rely on the library itself).

Hi, yes, you need to check expiration dates yourself.  See the examples
on how to do this:



More information about the Gnutls-help mailing list