Security Basics mailing list archives
Re: CERTIFICATE
From: Aaron Howell <aaron_howell () ngenuity-is com>
Date: Mon, 28 Jan 2008 10:03:49 -0800
anon () yahoo com wrote:
could someone tell me what would happen to encrypted traffic if you have an expired certificate?? Does the traffic flow in clear text henceforth?? or just that the credebility of traffic from that source cannot be accounted for??
From the first link on a google search for "expired certificate still
encrypt traffic" I get a link to this page: http://wiki.surpasshosting.com/index.php?title=SSL_Know_How Which has the following info: Pop-up Errors SSL will work EVEN IF you get any kind of popup. When viewing your website in the secure connection (https://www.domain.com) and you get a popup saying "Domain does not match" or "Expired" or any number of things, your site is STILL SECURE. SSL certificates are only for the sole purpose of the signing or Vouching. If you don't care about these popups then you could use the self signed certificate (will not give you CA bundle). I'd say that answers your question, hth. Aaron
Current thread:
- CERTIFICATE anon (Jan 28)
- RE: CERTIFICATE benoni.martin (Jan 28)
- Re: CERTIFICATE Mark Owen (Jan 28)
- Re: CERTIFICATE Geoffrey Gowey (Jan 28)
- Re: CERTIFICATE Aaron Howell (Jan 28)
- Re: CERTIFICATE PCSC Information Services (Jan 28)
- Re: CERTIFICATE Ali, Saqib (Jan 28)
- RE: CERTIFICATE Roantree, Conor (Jan 29)
- <Possible follow-ups>
- RE: CERTIFICATE Ziemniak, Terrence M. (Jan 28)
- Re: CERTIFICATE Ryan Chow (Jan 29)
- Re: RE: CERTIFICATE anonymous (Jan 29)