NET::ERR_CERT_VALIDITY_TOO_LONG also with certs with validity < 39 months?
3,087 views
Skip to first unread message
Locke Hajo
Apr 24, 2018, 11:29:35 AM4/24/18
to Chromium-dev
Hello,
today i updated my win desktop chrome to Version Version 66.0.3359.117
Now my Webpage shows error: NET::ERR_CERT_VALIDITY_TOO_LONG
I expected to see this error only with certs issued after 1.4.2015 and runtime > 39 months.
In my case cert expires in 2 years and 10 months, total runtime 3 years.
Is this an expected behaviour? Are wildcard-certs treated a special way?
Please find detailed analysis here: https://www.ssllabs.com/ssltest/analyze.html?d=ltw.at&hideResults=on
I have other regular certs with similar runtime which show no erros. So i expect a wildcard-cert-issue but could not find further information.
Thanks,
Hajo
Ryan Sleevi
Apr 24, 2018, 11:38:12 AM4/24/18
to hajo....@gmail.com, Chromium-dev
You need to get the certificate replace. The CA in question (Comodo) is known to have issued a number of certificates with a questionable dating and validity period scheme.
You can find more context, as well as discussion from the CA in question, at https://groups.google.com/d/msg/mozilla.dev.security.policy/-o2iN4GQbGY/KmErqpFDCAAJ
Locke Hajo
Apr 26, 2018, 2:55:28 AM4/26/18
to rsl...@chromium.org, Chromium-dev
ahh, thanks, i see. Seems to be a problem with deadline 1.3.2016
Thanks,
Hajo
Reply all
Reply to author
Forward
0 new messages