Opened 5 years ago

Last modified 3 years ago

#15856 new enhancement

TLS: offer to sync time on rejected cert in the future — at Version 2

Reported by: nephele Owned by: stippi
Priority: normal Milestone: Unscheduled
Component: Applications/SoftwareUpdater Version: R1/Development
Keywords: Cc:
Blocked By: Blocking:
Platform: All

Description (last modified by nephele)

When SoftwareUpdater encounters x.509 valid in the future it should report this directly instead of reporting an updating failure or sometihng

I have had some machines with broken CMOS battery, and even beeing aware of this it took me some time to understand why the updates failed :)

Change History (2)

comment:1 by pulkomandy, 5 years ago

Just show a more detailed message, like "Certificate is not yet valid". This should give a good enough clue about the problem, I'd say?

And we should fix our NTP sync code to synchronize properly on boot (or more precisely, when network is up), so this does not happen. Not workaround it everywhere in the code where a date may be used. Because it's not just TLS certificates: HTTP cookies will never expire, for example; the history menu in Web+ will do strange things, etc.

comment:2 by nephele, 4 years ago

Description: modified (diff)
Note: See TracTickets for help on using tickets.