Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Does expired certificate works?

Posted on 2011-03-07
5
Medium Priority
?
223 Views
Last Modified: 2012-05-11
I have a self signed certificate which is being used my one of our messaging server in our company. Recently I realized that certificate was expired 2 years back but it is still working is being used as the authentication to client. I am wondering how it is possible. Please note we have local company specific root CA. Please help me to understand how it is working in this scenario, I can provided more specific information in this regard. Thanks!
0
Comment
Question by:beer9
  • 2
  • 2
5 Comments
 
LVL 5

Accepted Solution

by:
alreadyinuse earned 1000 total points
ID: 35063356
My understanding is that yes they still perform the SSL encryption. Of course it will continually prompt clients to accept the expired certificate. Whereas a good certificate would avoid the issue.
0
 
LVL 10

Assisted Solution

by:ThorinO
ThorinO earned 1000 total points
ID: 35063381
Yes it will continue to work but will prompt. I would suggest buying a cert or you can get a free trusted one from http://cert.startcom.org/
0
 

Author Comment

by:beer9
ID: 35067093
On my client configuration file I see few setting for SSL. Please please me to understand it. Because it is set at false so that expired cert of server would also works? Thanks!

enable_verify_host="false"
enable_verify_hostname="false"

Open in new window

0
 
LVL 10

Expert Comment

by:ThorinO
ID: 35070653
What client is that on?
0
 

Author Comment

by:beer9
ID: 35070777
It is some java application.. internal built tool
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We've all had that page pop up telling us there is a problem with the certificate and some of us continue on anyways and others run away to a safer competing site.  But what to do when you get the error - is it your problem or theirs?  What can you …
#SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Screencast - Getting to Know the Pipeline

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question