[PATCH] Re: Check SSL certificate for expiration

Nicolas Sebrecht nicolas.s-dev at laposte.net
Mon Jun 13 15:55:45 BST 2011

On Sat, Jun 11, 2011 at 09:35:38PM +0200, Sebastian Spaeth wrote:
> We currently don't care about expiration dates of the servers SSL
> certificate. This patch adds a check that fails Cert verification when
> it is past its due date. There is no way or option to override this
> check.
> Unfortunately we only seem to be able to get SSL certificate data when
> we passed in a CA cert file? How do we get that date when we don't have
> a ca cert file?
> Signed-off-by: Sebastian Spaeth <Sebastian at SSpaeth.de>
> ---
> Based against next. Do we need a way to override this? And how do I get
> a servers SSL expiration date in python when we don't have a CA CERT to
> pass in?

Sorry, I can't help you much here. I don't have any good knowledge in
this area.


Nicolas Sebrecht

More information about the OfflineIMAP-project mailing list