Extended certificate error
Allen
netsecurity at sound-by-design.com
Tue Aug 19 01:43:25 EDT 2008
Peter Gutmann wrote:
> Allen <netsecurity at sound-by-design.com> writes:
>
>> I just got a warning that a certificate had expired and yet the data in it
>> says:
>>
>>> [From: Tue Aug 05 17:00:00 PDT 2003,
>>> To: Mon Aug 05 16:59:59 PDT 2013]
>> The error message says: "The digital signature was generated with a trusted
>> certificate but has expired."
>
> What's the expiry date for the CA certificate that signed it, and its CA
> certificate? What's the clock on your PC set to? And why aren't you just
> clicking "Continue anyway" like everyone else does? :-).
Hi Peter,
I checked the chain - goes directly from http://online.ccsf.edu's
certificate to Thwate. All of Thwate's on my list expire
12/31/2020 15:59:59 PM except for the primary root CA which is
7/16/2036 16:59:59 PM, and the Thwate Extended Validation SSL CA
which is 11/16/2016 15:59:59 PM.
As to my system clock, I was asked off list about this and here
is what I said: "(I) Connect to time.nist.gov or one of a long
list every 24 hours. My clock says 3:00 PDT August 18th and I
just double checked by re-syncing:
SYNC-ATTEMPT Host: mizbeaver.udel.edu Aug-18-2008 15:00:22
SUCCESS 39678.9169097222 39678.9169243634
1.46411985042505E-5!
39678.9169243634
39678.9169097222
-----------------
00000.0000146412 (rounded) is I think quite good enough. :)
As to just clicking through, either stupid for not trusting that
everything is okay, cautious, or just plain curious why. Take
your pick. ;->
Allen
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list