Open pwalski opened 1 year ago
It is good that library verification method rejects not expired cert signed by expired cert, but it means rejection will happen on Provider side during Negotiation, not on the side of author of an application with Audited Payload
the moment they will try to sign it using invalid certificate.
What: Add suitable warnings when using expired certificates in scenarios like below.
Problems:
Golem
cert.openssl
rejects attempt to sign expired cert, so maybe we should behave the same. It also does not allow for cert issuer expiring before signed cert.