Extended certificate error

Allen netsecurity at sound-by-design.com
Tue Aug 19 01:43:25 EDT 2008

Peter Gutmann wrote:
> Allen <netsecurity at sound-by-design.com> writes:
>> I just got a warning that a certificate had expired and yet the data in it
>> says:
>>> [From: Tue Aug 05 17:00:00 PDT 2003,
>>>  To: Mon Aug 05 16:59:59 PDT 2013]
>> The error message says: "The digital signature was generated with a trusted
>> certificate but has expired."
> What's the expiry date for the CA certificate that signed it, and its CA
> certificate?  What's the clock on your PC set to?  And why aren't you just
> clicking "Continue anyway" like everyone else does? :-).

Hi Peter,

I checked the chain - goes directly from http://online.ccsf.edu's 
certificate to Thwate. All of Thwate's on my list expire 
12/31/2020 15:59:59 PM except for the primary root CA which is 
7/16/2036 16:59:59 PM, and the Thwate Extended Validation SSL CA 
which is 11/16/2016 15:59:59 PM.

As to my system clock, I was asked off list about this and here 
is what I said: "(I) Connect to time.nist.gov or one of a long 
list every 24 hours. My clock says 3:00 PDT August 18th and I 
just double checked by re-syncing:

SYNC-ATTEMPT    Host: mizbeaver.udel.edu    Aug-18-2008 15:00:22 
SUCCESS    39678.9169097222    39678.9169243634 

00000.0000146412 (rounded) is I think quite good enough. :)

As to just clicking through, either stupid for not trusting that 
everything is okay, cautious, or just plain curious why. Take 
your pick. ;->


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list