[PATCH] Check SSL certificate for expiration

Sven Kirmess sven.kirmess at kzone.ch
Mon Jun 13 21:24:55 BST 2011


On Sat, Jun 11, 2011 at 21:35, Sebastian Spaeth <Sebastian at sspaeth.de>wrote:

> We currently don't care about expiration dates of the servers SSL
> certificate. This patch adds a check that fails Cert verification when
> it is past its due date. There is no way or option to override this
> check.
>

Will that just report a warning? Or will this make it impossible to sync
against a server with an expired certificate? Expired certificates don't
automatically compromise security and you might be unable to convince the
company running the server to make them install a new certificate. I would
prefer if there would be a configuration option or command line argument
that would allow us to sync against a server with an expired certificate.

Sven
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/offlineimap-project/attachments/20110613/98df6969/attachment-0003.html>


More information about the OfflineIMAP-project mailing list