cert considered invalid when intermediate is expired

Michal Suchanek hramrach at gmail.com
Fri Oct 26 15:15:08 CEST 2012


GnuTLS does not verify a certificate when the intermediate CA
certificate is expired.


server cert (valid)

signed by

intermediate cert (expired, valid at the time of signature)

signed by

root ca cert (valid)

Both GnuTLS and OpenSSL refuse to verify the connection.

I am not sure if the certificate is technically valid in this case or not.

Any insight?
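
The scenario in the message above can be reproduced locally with the script below, which is an added example and not part of the original post. RFC 5280 path validation (section 6.1.3) checks the validity period of every certificate in the path against the verification time, not the time of signing. The subject names, file names and the 1-day intermediate lifetime are assumptions made for the example, and `openssl verify -attime` moves the verification clock forward instead of backdating a certificate.

```sh
#!/bin/sh
# Constructed chain: subject names and file names are made up for this example.
build_chain() {
    d=$1
    printf '%s\n' '[req]' 'distinguished_name = dn' 'prompt = no' \
        '[dn]' 'CN = placeholder' \
        '[ca]' 'basicConstraints = critical,CA:TRUE' > "$d/cfg"
    # Root CA: self-signed, valid for 365 days.
    openssl req -x509 -newkey rsa:2048 -nodes -days 365 -config "$d/cfg" \
        -extensions ca -subj "/CN=Example Root" \
        -keyout "$d/root.key" -out "$d/root.pem" 2>/dev/null
    # Intermediate CA: signed by the root, valid for 1 day only.
    openssl req -new -newkey rsa:2048 -nodes -config "$d/cfg" \
        -subj "/CN=Example Intermediate" \
        -keyout "$d/int.key" -out "$d/int.csr" 2>/dev/null
    openssl x509 -req -in "$d/int.csr" -days 1 -CA "$d/root.pem" \
        -CAkey "$d/root.key" -CAcreateserial -extfile "$d/cfg" \
        -extensions ca -out "$d/int.pem" 2>/dev/null
    # Server certificate: signed by the intermediate, valid for 365 days.
    openssl req -new -newkey rsa:2048 -nodes -config "$d/cfg" \
        -subj "/CN=server.example" \
        -keyout "$d/server.key" -out "$d/server.csr" 2>/dev/null
    openssl x509 -req -in "$d/server.csr" -days 365 -CA "$d/int.pem" \
        -CAkey "$d/int.key" -CAcreateserial -out "$d/server.pem" 2>/dev/null
}

# Verify the server certificate as if the clock read "now + $2 days".
verify_at() {
    t=$(( $(date +%s) + $2 * 86400 ))
    openssl verify -CAfile "$1/root.pem" -untrusted "$1/int.pem" \
        -attime "$t" "$1/server.pem" 2>&1
}

dir=$(mktemp -d)
build_chain "$dir"
echo "--- today: every certificate is inside its validity period"
verify_at "$dir" 0 || true
echo "--- in 2 days: server and root still valid, intermediate expired"
verify_at "$dir" 2 || true
```

The second run reports the expiry at depth 1, which is the intermediate; the server certificate at depth 0 and the root are both still inside their validity periods.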



