ottchris 2 Posted November 30, 2017 Share Posted November 30, 2017 I have always assumed the validity period on SSL certificates (valid from date x to date y) is inclusive. It seems the logical interpretation of from/to. Today, ESET is telling me that a certificate with a 'to date' of 30/11/2017 has expired and is invalid. I'm making an assumption that the 'invalid text' in the certificate as displayed by ESET is the result of an ESET test of the dates. A brief Google search has failed to produce a definitive answer. Anyone care to enlighten me? Link to comment Share on other sites More sharing options...
Administrators Marcos 4,718 Posted November 30, 2017 Administrators Share Posted November 30, 2017 Do you get a different result if you check such website through https://www.ssllabs.com/ssltest/ ? Link to comment Share on other sites More sharing options...
TomFace 539 Posted November 30, 2017 Share Posted November 30, 2017 I am having a similar issue...see https://forum.eset.com/topic/13948-ghostery/ Link to comment Share on other sites More sharing options...
ottchris 2 Posted November 30, 2017 Author Share Posted November 30, 2017 (edited) 27 minutes ago, Marcos said: Do you get a different result if you check such website through https://www.ssllabs.com/ssltest/ ? I have already just this minute done a check using https://www.digicert.com/help/ and it also states the certificate in question is invalid. While site admins certainly would be advised not to go the wire with certificate renewal I can understand why anyone might think that a certificate whose validity period (valid from date to date) and has a to date of 30th November is still valid. The wording is ambiguous. UPDATE. OK, didn't notice the time stamp! :-( It would be preferable if the timestamp was included with the date in the certificate display 'valid from/to" field. Edited November 30, 2017 by ottchris New information! Link to comment Share on other sites More sharing options...
Recommended Posts