OpenSSL doesn't take care of the expiration of your certificate
automagically in the background and call some function in your
application to asynchronously tell that the certificate you received
several seconds ago has now expired.
Identically, OpenSSL doesn't take care of external events that may now
declare your certificate as revoked.
Verify the validity of the certificate at the current time. If you want
to periodically check for the validity of the certificate because you're
using it for a looooooong session, that's up to you.
--
Erwann ABALEA
Le 23/04/2013 19:17, Vijaya Venkatachalam a écrit :
Hi
I am new to openssl application development.
I had a question on how to handle expired certificates.
So at the time of openssl connection establishment, the certificate is
valid.
But while the connection is still up, the certificate expires.
Is the application supposed to handle this or does openssl handle this?
what should be the application behavior on certificate expiry?
Thanks,
Vijaya
