ACK! WANT! (Tested with an expired certificate and it works, and looking at OpenSSL x509_vfy.c and PolarSSL x509_8h, I'm reasonable confident that it will also for for not-yet-valid certificates and that we call this all correctly)
Your patch has been applied to the master branch (release/2.3 coming when that has migrated to PolarSSL 1.3). commit 091edd8e2996867447eeb665af957547aa8b3107 (master) Author: Steffan Karger List-Post: [email protected] Date: Mon Dec 14 21:09:18 2015 +0100 Warn user if their certificate has expired Signed-off-by: Steffan Karger <[email protected]> Acked-by: Gert Doering <[email protected]> Message-Id: <[email protected]> URL: http://article.gmane.org/gmane.network.openvpn.devel/10794 Signed-off-by: Gert Doering <[email protected]> -- kind regards, Gert Doering
