Certificate Manager reports expired certificate

byrnejb · December 1, 2016, 4:49pm

FreePBX distro 10.13.66-17
FreePBX 13.0.190.7
Cert Manager 13.0.34

We operate a private Certificate Authority (CA). We installed the server certificate, added our CA chain to our PBX host, and loaded both into the certificate manager. This morning we have the following ‘critical’ error reported’:

Certificate named "HLLvoinet09" has expired. Please update this certificate in Certificate Manager

However, a perusal of said certificate shows this:

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 538312750 (0x2016002e)
    Signature Algorithm: sha512WithRSAEncryption
        Issuer: CN=CA_HLL_ISSUER_2016, OU=Networked Data Services, O=Harte & Lyne Limited, L=Hamilton, ST=Ontario, C=CA, DC=harte-lyne, DC=ca
        Validity
            Not Before: Nov  1 00:00:00 2016 GMT
            Not After : Nov 30 23:59:59 2021 GMT

PHP reports this:

 Whoops \ Exception \ ErrorException (E_WARNING)

openssl_x509_parse(): illegal ASN1 data type for timestamp

Which appears to be a bug in PHP itself

https://bugs.php.net/bug.php?id=66636

How to fix?

tm1000 · December 1, 2016, 5:02pm

If it’s a bug in PHP you won’t be able to fix it.

billsimon · December 1, 2016, 5:38pm

At the bottom of the ticket you linked, it shows the bug was fixed. That was in 2014.

tm1000 · December 1, 2016, 5:48pm

In 5.4. Unfortunately the distro uses PHP 5.3

byrnejb · December 5, 2016, 2:08pm

How does one turn off the meaningless warnings then?

tm1000 · December 5, 2016, 3:53pm

At this time there is no way to do that.