Ticket #474 (Fixed) Fri Sep 06 11:46:31 UTC 2019
AcornSSL displays wrong dates in Unverified Certificate prompt
Reported by: | Martin Avison (27) | Severity: | Normal |
Part: | RISC OS: Module | Release: | |
Milestone: | | Status: | Fixed |
Details by Martin Avison (27):
Using the latest AcornSSL I have had an unverified certificate prompt raised. While the prompt was not unexpected, I noticed that the validity dates quoted seemed wrong. So I tried to access the same area with two other browsers, and they both showed the same (different) dates, as shown below:
Firefox on Win10 and RISC OS Netsurf v3.9…
Valid from 08 July 2019, 12:21:20 GMT
Valid until 06 October 2019, 12:21:20 GMT
AcornSSL 1.04 (26 Jan 2019) mbedTLS 2.16.2…
Valid from 08 June 2019
Valid until 06 September 2019
Note that the dates shown by AcornSSL are exactly 1 month earlier than the dates I, and the other browsers, believe correct.
My AcornSSL Root certificates are the latest ones dated 28 Aug 2019.
My Netsurf ones are dated 15 May 2019, so slightly older.
I have no idea what the Firefox ones are … but I would assume very recent.
However, the initial certificate I reported was my own from LetsEncrypt. I have also displayed the details from both the higher ones in the chain (LetsEncrypt and DST Root) and they both show dates one month later in Netsurf than in AcornSSL. So it seems to affect all certificate displays in AcornSSL.
Changelog:
Modified by Jeffrey Lee (213) Fri, September 06 2019 - 13:58:05 GMT
As mentioned on the forums, https://badssl.com is a good source of bad certificates for testing.
Modified by Martin Avison (27) Sat, September 07 2019 - 09:25:22 GMT
My certificate expires 6/10/2019, but although the Unverified prompt is displayed for other reasons and shows validity up to 6/9/2019, it is happy with the date even though it is now 7/9/2019. So it would seem the date checks are using the correct dates, and it is just the dialog display which is 1 month out.
Modified by Martin Avison (27) Mon, September 09 2019 - 16:41:21 GMT
See https://www.riscosopen.org/forum/forums/4/topic… for possible cause.
Modified by Martin Avison (27) Mon, September 09 2019 - 16:42:57 GMT
The actual post is https://www.riscosopen.org/forum/forums/4/topic…
Modified by Sprow (202) Tue, September 10 2019 - 09:32:07 GMT
- Status changed from Open to Fixed
Fixed in AcornSSL 1.05.