Open sujith-k-s opened 1 year ago
What is the use case?
Looks very strange. You don't want to verify the Validity Periods of the Certificate, but use CRLs for path building (which require checkDate
argument). Would it be easier to build the chain without Revocation Lists and use the date (notBefore
or notAfter
) from the leaf certificate?
We have a case where we do not want to verify the Validity Periods of the Certificates. Passing an undefined to the CheckDate Parameter should honor this and should not check for the validity of the certificates. I understand that this could break current implementations, therefore we could add an additional argument (
validateDate
) to parameters which would produce the same result. The only change required for this on line 415, where you do:if (this.validateDate && (crl.nextUpdate && crl.nextUpdate.value < this.checkDate)) {