Hi guys,
Is there any theory as to why the SAN in the CA cert would affect its validation? None of the CA validation routines reference SANs.
Did anyone take a look at the error log:
```
200114 14:13:20 11065 cryptossl_ASN1toUTC: UTC: -2104471696 isdst: 1
200114 14:13:20 11065 secgsi_VerifyCA: CA certificate self-signed: integrity check failed (4ba9a797.0)
```
The expiration time of the CA is -2104471696; a negative time value is certainly suspicious. Sure enough, look at the validity:
```
Validity
Not Before: Jun 1 00:00:00 2019 GMT
Not After : Jun 1 00:00:00 2039 GMT
```
The validity is after 2038, suggesting that this code suffers from the [Year 2038 problem](https://en.wikipedia.org/wiki/Year_2038_problem).
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/xrootd/xrootd/issues/1110#issuecomment-576736580
########################################################################
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1
