Fwd: Disabling SSL Issue Date Validation
Abhi Arora
engr.abhiarora at gmail.com
Thu Jan 9 13:57:25 UTC 2020
I am trying to disable Server's Certificate Issue Date Validation in libcurl.
For that, I have registered a own_verify_callback function by calling
SSL_CTX_set_verify in sslContextVerify callback (set via curl_easy_setopt(curl,
CURLOPT_SSL_CTX_FUNCTION, sslContextVerify)).
The "own_verify_callback" gets called (I have print in this function and
they are printed on console) and it returns 1 but still curl connection
fails (i.e., curl_easy_perform returns with an error) with error "SSL
certificate verify result: certificate is not yet valid (9)". However, it
should allow the connection.
I have set the system's date and time to 1990 and I was testing the Issue
Date Validation.
Looks like there is a bug in libcurl or I am missing something important?.
Is there something I am doing wrong or is it a well-known bug? My code is
below:
https://stackoverflow.com/questions/59662414/disabling-ssl-issue-date-validation-in-libcurl
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20200109/2ea09a01/attachment-0001.html>
More information about the openssl-users
mailing list