Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSLLooseConfig.acceptAnyCertificate does not allow expired certs #85

Open
LogicalTime opened this issue Jul 11, 2018 · 2 comments
Open

SSLLooseConfig.acceptAnyCertificate does not allow expired certs #85

LogicalTime opened this issue Jul 11, 2018 · 2 comments
Labels
status:backlog

Comments

@LogicalTime
Copy link

LogicalTime commented Jul 11, 2018
edited
Loading

When acceptAnyCertificate(true) I get a cert expired exception. Below is a list of the causes from the stack trace.
SSLHandshakeException: General SSL Engine Problem
Validator Exception: PKIX path validation failed
CertPathValidator Exception: validity check failed
CertificateExpiredException: NotAfter ....

This may be related to #69
@wsargent
Copy link
Contributor

I don't think acceptAnyCertificate ever made any promises about accepting expired certificates -- only that it would accept certificates that would fail an identity check.

@LogicalTime
Copy link
Author

It's a decision to be made. Let's make the decision and add it to the documentation.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status:backlog
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@wsargent @dwijnand @LogicalTime