CA and certificate validity end dates after 2038 are not handled properly on 32-bit ARM
The expiry date rolls over and is shown as some time in that past. pfSense see it as expired/invalid. See attachment.
This looks like a regression since: https://redmine.pfsense.org/issues/9100
#1 Updated by Jim Pingle about 2 months ago
- Target version changed from 21.05 to Plus-Next
Looks like this is from the
validTo date in the parsed details using a four digit date and the code assumed a two digit date. Looks like it can be either one in certs so I added a check to fall back to the other method. Fix coming shortly.
#6 Updated by Marcos Mendoza about 1 month ago
Tested on 21.02p1 and it showed as invalid. After updating to latest dev build image (Mar 10), the cert no longer showed as invalid. This was on:
21.05-DEVELOPMENT (arm) built on Wed Mar 10 01:03:47 EST 2021 FreeBSD 12.2-STABLE
Once a snapshot is available on 21.02p2, I can test on that as well.