Hi
I am new to openssl application development.
I had a question on how to handle expired certificates.
So at the time of openssl connection establishment, the certificate is valid.
But while the connection is still up, the certificate expires.
Is the application supposed to handle this or
OpenSSL does nothing about this. It's an interesting question. As for as
TLS/SSL is concerned, it is only using the certificate at the time the
connection is initially established, and therefore expiration (or revocation)
during the application's use of the certificate is up to the
On Tue, Apr 23, 2013 at 10:17:54AM -0700, Vijaya Venkatachalam wrote:
So at the time of openssl connection establishment, the certificate is valid.
But while the connection is still up, the certificate expires.
The certificate was valid at the time it was verified, this is sufficient.
Is the
OpenSSL doesn't take care of the expiration of your certificate
automagically in the background and call some function in your
application to asynchronously tell that the certificate you received
several seconds ago has now expired.
Identically, OpenSSL doesn't take care of external events that
From: Salz, Rich
OpenSSL does nothing about this. It’s an interesting question. As for as
TLS/SSL is concerned,
it is only using the certificate at the time the connection is initially
established, and therefore
expiration (or revocation) during the application’s use of the certificate
