What's the use of the expiration date of a certificate? Does Windows even use it when loading drivers?!

I wanted to check what happens if the system time surpasses the expiration date of a certificate (by expiration date, I mean when, inside the certificate properties of a signed file, it says valid from x to y), because I have always seen some drivers load without problems even years after the expiration of their certificate, so I wanted to see what that's about.

So I added a couple of years to my system time and made sure it doesn’t get synced again, and to my surprise, when I restarted the computer, the boot driver that I was testing loaded again without any problem. So I thought maybe it's because the Root CA is not expired, so again I changed my system time to make sure it's a couple of years after the expiration of the Root CA as well, restarted the computer, and again, the driver is getting loaded without any problem; I can manually load it as well. Even in the certificate properties, Microsoft says "This certificate is OK", even though it's 10-15 years after the expiration of the certificate and also the Root CA!

I tried both with and without an internet connection, no difference, it gets loaded without any problem… I was testing with the latest Windows 10 version, Enterprise edition, with Secure Boot on.

So my question is: what’s the point of using a timestamp, or having an expiration date for certificates, if it's not even used? Or am I missing something?

When the certificate properties say this certificate is valid from x to y, shouldn’t this mean that after y, it's not valid? Isn’t this pretty logical, or am I losing my mind?!

As long as the signature has a validated timestamp and your certificate was valid as of the date of the timestamp, the driver will be valid forever. If you try your experiment again, but sign your driver without using the signtool “/t” parameter, then it will fail.
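
A way to see the distinction from the answer above on a live system, as an added example that is not part of the original thread: this PowerShell script lists drivers whose signer certificate has already expired and shows whether each signature carries a timestamp. The default path and the wording of the `Note` column are assumptions made for this example.

```powershell
# Added example: for each driver, report whether the signer certificate has
# expired and whether the signature carries a timestamp countersignature.
param(
    # Assumption: the default driver directory; pass another folder to check other files.
    [string]$Path = "$env:SystemRoot\System32\drivers"
)

$now = Get-Date

Get-ChildItem -Path $Path -Filter *.sys -File -ErrorAction SilentlyContinue |
ForEach-Object {
    $sig    = Get-AuthenticodeSignature -FilePath $_.FullName
    $signer = $sig.SignerCertificate        # certificate that signed the file
    $tsa    = $sig.TimeStamperCertificate   # $null when the signature has no timestamp

    $expired = $false
    if ($signer) { $expired = $signer.NotAfter -lt $now }

    # Summarise the case the thread is about: expired certificate, with or without timestamp.
    $note = if (-not $signer) {
        'no signer certificate reported'
    } elseif ($expired -and $tsa) {
        'certificate expired, signature is timestamped'
    } elseif ($expired) {
        'certificate expired, NO timestamp'
    } elseif (-not $tsa) {
        'certificate still valid, NO timestamp'
    } else {
        'certificate still valid, signature is timestamped'
    }

    [pscustomobject]@{
        File           = $_.Name
        Status         = $sig.Status
        SignerNotAfter = if ($signer) { $signer.NotAfter } else { $null }
        SignerExpired  = $expired
        Timestamped    = [bool]$tsa
        Note           = $note
    }
} |
Sort-Object -Property SignerExpired, Timestamped -Descending |
Format-Table -AutoSize
```

Rows marked "certificate expired, signature is timestamped" are the drivers the question describes; rows with no timestamp are the ones the answer says stop validating once the certificate's validity period ends.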