When using a CRL with times without explicit timezones, when verifying a certificate the library returns messages such as:
depth=0 C = GB, ST = England, L = West Yorkshire, ..., UID = 2b7cc0de-060b-4498-84f3-d5232415904f
verify error:num=15:format error in CRL's lastUpdate field
verify return:1
depth=0 C = GB, ST = England, L = West Yorkshire, ..., UID = 2b7cc0de-060b-4498-84f3-d5232415904f
verify error:num=16:format error in CRL's nextUpdate field
verify return:1
depth=1 C = GB, ST = England, L = West Yorkshire, ...
verify error:num=15:format error in CRL's lastUpdate field
verify return:1
depth=1 C = GB, ST = England, L = West Yorkshire, ...
verify error:num=16:format error in CRL's nextUpdate field
verify return:1
OpenSSL does not accept times without an explicit timezone. I believe the offending code is:
https://github.com/openssl/openssl/blob/7f3f41d816bb80e362a5978420f59030b3132c81/crypto/x509/x509_vfy.c#L1878
When using a CRL with times without explicit timezones, when verifying a certificate the library returns messages such as: