Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-38896

Fix Handling of expired certificates

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • P1: Critical
    • 5.3.0
    • 5.3.0 RC1
    • Network: SSL
    • None
    • f5a4716ccc877f369a6cfcda9b57718dc9018b83

    Description

      If the certificate store contains expired CA certificates along with re-issued (not-expired) version, it will fail sometimes (but not often, based on OpenSSL's internal data structure), if it hits the expired certificate first. This results in effects as decribed in https://bugreports.qt-project.org/browse/QTBUG-20225, and makes it impossible to connect to the site. Since Verisign and other big vendors and some others have certificates that expired a few months ago and others will soon expire, this issue affects more and more people, especially on Windows which fetches new certs via Windows Update, but doesn't purge the old ones.

      Attachments

        Issue Links

          For Gerrit Dashboard: QTBUG-38896
          # Subject Branch Project Status CR V

          Activity

            People

              danimo Daniel Molkentin
              danimo Daniel Molkentin
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Gerrit Reviews

                  There are no open Gerrit changes