Security Basics mailing list archives

Re: CERTIFICATE

From: Aaron Howell <aaron_howell () ngenuity-is com>
Date: Mon, 28 Jan 2008 10:03:49 -0800

anon () yahoo com wrote:

could someone tell me what would happen to encrypted traffic if you have an expired certificate?? Does the traffic 
flow in clear text henceforth?? or just that the credebility of traffic from that source cannot be accounted for??

From the first link on a google search for "expired certificate still

encrypt traffic" I get a link to this page:

http://wiki.surpasshosting.com/index.php?title=SSL_Know_How

Which has the following info:

  Pop-up Errors

SSL will work EVEN IF you get any kind of popup. When viewing your
website in the secure connection (https://www.domain.com) and you get a
popup saying "Domain does not match" or "Expired" or any number of
things, your site is STILL SECURE. SSL certificates are only for the
sole purpose of the signing or Vouching. If you don't care about these
popups then you could use the self signed certificate (will not give you
CA bundle).

I'd say that answers your question, hth.

Aaron

Current thread:

CERTIFICATE anon (Jan 28)
- RE: CERTIFICATE benoni.martin (Jan 28)
- Re: CERTIFICATE Mark Owen (Jan 28)
- Re: CERTIFICATE Geoffrey Gowey (Jan 28)
- Re: CERTIFICATE Aaron Howell (Jan 28)
- Re: CERTIFICATE PCSC Information Services (Jan 28)
- Re: CERTIFICATE Ali, Saqib (Jan 28)
- RE: CERTIFICATE Roantree, Conor (Jan 29)
- <Possible follow-ups>
- RE: CERTIFICATE Ziemniak, Terrence M. (Jan 28)
  - Re: CERTIFICATE Ryan Chow (Jan 29)
- Re: RE: CERTIFICATE anonymous (Jan 29)