You don’t realize how difficult X509 certificate verification is until you actually try to implement it. Jesus.
All of Google's and mozilla:pkix and webpki are pretty good. What are you planning to do differently?
-
-
I need to discern between expired but otherwise valid (e.g. “was_valid”)
-
and also name error, but otherwise valid (e.g. valid chain, but name error) “valid_name”
-
I’m using the Golang X.509 lib as a base
-
why not just feed in different date?
-
It’s unclear what date to feed in, you’d need something like this https://gist.github.com/dadrian/77d84619d6047ad973b74ec678d1513d …
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.