openssl 1.0 vs 1.1 s_client verify CA cert expiration
nate
openssl at linuxpowered.net
Thu Sep 30 17:12:28 UTC 2021
On 2021-09-30 9:50, Matt Caswell wrote:
> See:
>
> https://www.openssl.org/blog/blog/2021/09/13/LetsEncryptRootCertExpire/
ok thanks!
That is interesting and explains some things. One more Q for you, this
app
uses a custom CA certs file (so doesn't rely on the OS trusted).
Though it seems after further testing even when telling openssl s_client
to look at a specific CA file it looks at it, and also looks at the OS
stuff as well if there is a CA with the OS and not in the custom CA file
(which has about 113 CAs in it).
Not a big deal will all be fixed when they update the cert.
thanks again
nate
More information about the openssl-users
mailing list