On 2020-05-30 17:31, Paul Stimpson wrote:
I'm stuck in a never-ending conference call at work because of
significant enterprise-wide outages. These outages have been caused by
apparently valid certificates failing to verify.
Our investigation has revealed that the AddTrust Root CA certificate
expired today but our certificate issuer sold us 2 year certs without
checking every cert in the chain of trust was valid until the expiry
date of the certs we bought (There was only 1 year remaining on the
Root CA cert on the day they sold us a 2 year cert signed with it.)
You may wish to check the chains of trust on your certificates...
How many people would check all up the chain for expiry dates. End users
I mean, one would expect suppliers to