We want to be able to handle long-lived connections/sessions, and we are therefore wondering about situations where a client or server certificate may expire either 1) after we have established a context, or 2) after a session has started. Perhaps the first question is: how often is a certificate validated?
From an initial digging into the code, it appears that the certificate is only validated before a session is set up. So, if a cert expires after this, it will never be detected as long as the session is running. Is this true? Do we have to programmatically manage this situation (dealing with expiring certs & adding new certs) within our app, or is it possible to point to a cert store that we can then update with a new cert via the OpenSSL command line tool? Thanks.
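
An added example, not part of the original post and not OpenSSL's own code: the application-side handling the question raises, written with Python's `ssl` module (which wraps OpenSSL). It records the peer certificate's validity window at handshake time and re-checks it while a long-lived connection stays open. The names `PeerCertWatch` and `should_close`, the seven-day warning window and the sample certificate are assumptions made for illustration.

```python
import ssl
import time

# Constructed sample, in the shape returned by ssl.SSLSocket.getpeercert().
SAMPLE_PEER_CERT = {
    "subject": ((("commonName", "server.example"),),),
    "notBefore": "Jan  5 09:34:43 2017 GMT",
    "notAfter": "Jan  5 09:34:43 2018 GMT",
}


class PeerCertWatch:
    """Validity window of the peer certificate, captured once after the handshake."""

    def __init__(self, peer_cert, warn_window=7 * 24 * 3600):
        # getpeercert() gives None or {} when no validated peer cert is available.
        if not peer_cert or "notAfter" not in peer_cert:
            raise ValueError("no validated peer certificate on this connection")
        self.not_before = ssl.cert_time_to_seconds(peer_cert["notBefore"])
        self.not_after = ssl.cert_time_to_seconds(peer_cert["notAfter"])
        self.warn_window = warn_window  # assumed policy value, in seconds

    def status(self, now=None):
        """Classify the certificate against the current (or supplied) time."""
        now = time.time() if now is None else now
        if now < self.not_before:
            return "not_yet_valid"
        if now >= self.not_after:
            return "expired"
        if self.not_after - now <= self.warn_window:
            return "expiring"
        return "valid"


def should_close(watch, now=None):
    """True when the long-lived connection should be torn down and re-established."""
    return watch.status(now) in ("expired", "not_yet_valid")


# On a live connection (tls_sock is an ssl.SSLSocket that verified its peer):
#   watch = PeerCertWatch(tls_sock.getpeercert())
#   ...then call should_close(watch) from the application's periodic timer.
```
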
