Swapan Gupta wrote: > Hi, > > > > Appreciate if someone could share more info on the following: > > > > Does Apache do any special handling if the installed server certificate > or the CA root certificate has expired? > > > > In my installation, we are seeing that the expired Server certificate is > sent to the client when a resource is accessed over https. > > Is this the expected behavior? Yes it is. > > > > If not, do we need to do any specific configuration on Apache, which > will prevent Apache from sending the server certificate? > > > > Please suggest what is the expected behavior in such cases when the > server certificate or the CA root certificate has expired and client > accesses a resource over https. The browser *should* warn the user that certificate is now invalid. In other words it no longer is within the accepted date range. You could potentially write a little script that pulls a copy of the certificates from all your sites, and if less than aweek to go fires off an email, or you could just add a calendar item with a reminder. :-) -- ----------------------------------------- Tony Stevenson tony@xxxxxxxxxxx // pctony@xxxxxxxxxx http://www.pc-tony.com/ 1024D/51047D66 ECAF DC55 C608 5E82 0B5E 3359 C9C7 924E 5104 7D66 ----------------------------------------- --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|