From: "MartinBosslet (Martin Bosslet)" Date: 2013-07-23T08:42:24+09:00 Subject: [ruby-core:56115] [ruby-trunk - Bug #8664] open ssl not_before failure on small set of certificates Issue #8664 has been updated by MartinBosslet (Martin Bosslet). Assignee changed from MartinBosslet (Martin Bosslet) to drbrain (Eric Hodel) Unfortunately, when encoded as BER, all bets are off, as the format (with or without time zone, string representations of the time zone, ...) is not clearly specified anymore. But in this particular case I believe it makes a lot of sense to add explicit support. Please, Eric, go ahead and commit your patch! And thanks, BTW :) ---------------------------------------- Bug #8664: open ssl not_before failure on small set of certificates https://bugs.ruby-lang.org/issues/8664#change-40615 Author: jnickel (Jody Nickel) Status: Assigned Priority: Normal Assignee: drbrain (Eric Hodel) Category: ext/openssl Target version: ruby -v: ruby 1.9.3p448 (2013-06-27 revision 41675) [x86_64-linux] Backport: 1.9.3: UNKNOWN, 2.0.0: UNKNOWN This failure only occurs on a very small percentage of certificates, during processing of ~2 million certificates, this failure only occurred 3 times. It happens on ruby-1.9.3-p448, ruby-1.8.7-p374 and ruby-2.0.0-p247 with the same error reported: open-ssl-bug.rb:71:in `not_before': bad UTCTIME format (TypeError) from open-ssl-bug.rb:71:in `perform_cert' from open-ssl-bug.rb:76:in `
' I've enclosed a small sample program showing a successful and failed display of the not_before time, with the good and bad certificates embedded within the code. -- http://bugs.ruby-lang.org/