Hi guys, Is there any theory as to why the SAN in the CA cert would affect its validation? None of the CA validation routines reference SANs. Did anyone take a look at the error log: ``` 200114 14:13:20 11065 cryptossl_ASN1toUTC: UTC: -2104471696 isdst: 1 200114 14:13:20 11065 secgsi_VerifyCA: CA certificate self-signed: integrity check failed (4ba9a797.0) ``` The expiration time of the CA is -2104471696; a negative time value is certainly suspicious. Sure enough, look at the validity: ``` Validity Not Before: Jun 1 00:00:00 2019 GMT Not After : Jun 1 00:00:00 2039 GMT ``` The validity is after 2038, suggesting that this code suffers from the [Year 2038 problem](https://en.wikipedia.org/wiki/Year_2038_problem). -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/xrootd/xrootd/issues/1110#issuecomment-576736580 ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1