Does expired certificate works?

I have a self signed certificate which is being used my one of our messaging server in our company. Recently I realized that certificate was expired 2 years back but it is still working is being used as the authentication to client. I am wondering how it is possible. Please note we have local company specific root CA. Please help me to understand how it is working in this scenario, I can provided more specific information in this regard. Thanks!
beer9Asked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
alreadyinuseConnect With a Mentor Commented:
My understanding is that yes they still perform the SSL encryption. Of course it will continually prompt clients to accept the expired certificate. Whereas a good certificate would avoid the issue.
0
 
ThorinOConnect With a Mentor Commented:
Yes it will continue to work but will prompt. I would suggest buying a cert or you can get a free trusted one from http://cert.startcom.org/
0
 
beer9Author Commented:
On my client configuration file I see few setting for SSL. Please please me to understand it. Because it is set at false so that expired cert of server would also works? Thanks!

enable_verify_host="false"
enable_verify_hostname="false"

Open in new window

0
 
ThorinOCommented:
What client is that on?
0
 
beer9Author Commented:
It is some java application.. internal built tool
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.