We have a service behind IHS. Communication between IHS and WLP is encrypted using self signed certificate. Unfortunately we forgot to renew this self-singed certificate causing 500 errors when users hits IHS.
We have observed that the IHS server served traffic even after cert expired (Sept 7 - 1 PM is cert expiry date and time). When requests came in the next day on Sept 8 - IHS started serving 500 errors because cert expired.
Does IHS really validate Date and Time of the cert expiry when communicating with backend (or) Does it only validate only Date of the expiry?
Thanks!
Date and time, but only during a full handshake.
http keepalive and ssl session caching/resumption mean a backend can stay authenticated without revalidation any certificate for a long time --as long the server is willing and able to resume ssl sessions