@@ -80,7 +80,7 @@ func (e CertificateInvalidError) Error() string {
80 80
case NotAuthorizedToSign:
81 81
return "x509: certificate is not authorized to sign other certificates"
82 82
case Expired:
83 -
return "x509: certificate has expired or is not yet valid"
83 +
return "x509: certificate has expired or is not yet valid: " + e.Detail
84 84
case CANotAuthorizedForThisName:
85 85
return "x509: a root or intermediate certificate is not authorized to sign for this name: " + e.Detail
86 86
case CANotAuthorizedForExtKeyUsage:
@@ -576,8 +576,18 @@ func (c *Certificate) isValid(certType int, currentChain []*Certificate, opts *V
576 576
if now.IsZero() {
577 577
now = time.Now()
578 578
}
579 -
if now.Before(c.NotBefore) || now.After(c.NotAfter) {
580 -
return CertificateInvalidError{c, Expired, ""}
579 +
if now.Before(c.NotBefore) {
580 +
return CertificateInvalidError{
581 +
Cert: c,
582 +
Reason: Expired,
583 +
Detail: fmt.Sprintf("current time %s is before %s", now.Format(time.RFC3339), c.NotBefore.Format(time.RFC3339)),
584 +
}
585 +
} else if now.After(c.NotAfter) {
586 +
return CertificateInvalidError{
587 +
Cert: c,
588 +
Reason: Expired,
589 +
Detail: fmt.Sprintf("current time %s is after %s", now.Format(time.RFC3339), c.NotAfter.Format(time.RFC3339)),
590 +
}
581 591
}
582 592 583 593
maxConstraintComparisons := opts.MaxConstraintComparisions
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4