A site cashwinstores.com has R3 certification but the validity date shows 1/5/21 and end date 4/5/21. I have a doubt it is a fake certificate could someone check.
The domain doesn't exist (any longer?) and there are no certificates logged for that domain: crt.sh | cashwinstores.com
Also, what would be wrong with those dates? LE certs are valid for 3 months, so from January 5th to April 5th would be fine. (Assuming you're using the hopelessly weird US date notation of MM/DD/YY...)
I imagine they're talking about this certificate
... for the name cashwinstore.com (no plural)
Which yes, is a perfectly normal Let's Encrypt certificate. @Netkazana you don't offer any reason why anybody should think this might be a "fake certificate" beyond that you for some reason think so.
@Netkazana, please note that Let's Encrypt certificates verify that a site is operated by the same entity that registered or operates an Internet domain name, but do not verify the legal identity of that entity at all. You can use the Let's Encrypt certificate to confirm that the site you're connecting to is really operated by the owner of the domain name
cashwinstore.com, but not to confirm who owns that domain name.
The validity date is confusing
In U.S. date order the month is written first, so 1/5/21 is 2021-01-05 and 4/5/21 is 2021-04-05. This makes sense since 2021-04-05 is exactly 90 days later than 2021-01-05, which is the correct validity duration of a Let's Encrypt certificate.
May 1, 2021 is 5/1/21 in U.S. date order.
Thank you for the clarification
Very very helpful
Just as I said 2 days ago:
The thing that's slightly odd here is that this US formatting is not present in the certificate. Internally, certificates are in ASN.1 and use UTCTime, so they're in the ISO order (YYMMDD†). So the US ordering which has worried you was not inherent to the certificate but done by software you're using (such as a web browser or certificate viewer software) and would be consistent in everything shown by that software.
†Yes that's a two digit year and so yes this means the Y2K problem applies to certificates.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.