This is somewhat old, but there's a relevant change. I wrote:
> Prentice Bisbal <[email protected]> writes: > >> The expiry date of the certificates wasn't the issue. I mange many SSL >> certificates, so I'm well aware of the issues with SSL certs expiring. >> >> In my original post to the mailing list in 2007, I showed that my SSL >> certs that SGE was claiming were no longer valid were actually valid for >> another 11 months. > > It wasn't clear that was certificate it was complaining about. If > someone can reproduce this with information on all the relevant > certificates, please add an issue about it with as much information as > possible <https://arc.liv.ac.uk/trac/SGE#mail>. There was never an example to demonstrate this was really due to the certificate. I got more convinced by <https://arc.liv.ac.uk/trac/SGE/ticket/1423> that it is just due to the CRL, as I originally assumed, and changed the sgeCA defaults in the current release. If anyone finds the same sort of trouble with that change <https://arc.liv.ac.uk/trac/SGE/changeset/4294/sge>, please report it with relevant details. [There's an objection in the linked bug report that it's bad to use a short CRL lifetime. I still don't understand why in this context, but I'm happy to be convinced.] _______________________________________________ users mailing list [email protected] https://gridengine.org/mailman/listinfo/users
