SslInfo does not use its Clock when checking certificate validity #45573
Labels
type: task
A general task
Milestone
Comments
wilkinsona
added
for: team-meeting
|
We'd like to fix the tests in 3.4.x and both the tests and the API in 3.5 (there's a public constructor that takes a Clock but it is not used for the validity check). The 3.4 issue (this one) is a task. The forward merge issue for 3.5 should be a bug as the API's ignoring the Clock. |
wilkinsona
added
type: task
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I noticed this as I was confused by SslMeterBinderTests where there are several certificates that are considered valid despite the tests using a fixed clock of 2024-10-21T13:51:40Z and the certificates not being valid until 2024-10-22.
While the Clock is new in 3.5, we may want to do something in 3.4 as well because
SslInfoTestswill start failing in the future when the certificates used for testing expire. They could prevent someone from rebuilding a tag unless they disable the tests.Flagging for discussion so that we can decide what to do.
The text was updated successfully, but these errors were encountered: