wolfssl icon indicating copy to clipboard operation
wolfssl copied to clipboard

Published 20 hours ago verified publisher icon wolfSSL

Wolfssl accepts digital certificates with incorrect expiry date format

Open llmlla opened this issue 2 years ago • 2 comments
trafficstars

When I used wolfssl for digital certificate validation, I found that wolfssl accepted a digital certificate with the wrong expiry date format. The version I used is wolfssl 4.2.0. Here are certificates I used. leaf.txt root.txt

llmlla avatar May 05 '23 09:05 llmlla

Hi @llmlla ,

4.2.0 is extremely outdated and no longer supported, please upgrade to 5.6.0, our latest release, and retry. Your root certs appear to have valid date formats, we do support both UTC and Generalized time. With their expiry dates set far into the future (9999/6566), I do expect them to validate. Your leaf cert appears to have an invalid notBefore date, and I expect it to fail.

Thanks, Kareem

kareem-wolfssl avatar May 05 '23 18:05 kareem-wolfssl

Thanks for the suggestion, I will try the latest version.

llmlla avatar May 07 '23 02:05 llmlla