Showing results for 
Search instead for 
Did you mean: 

Block SSL certificates based on valid lifetime

Hi community,


is it possible to block SSL certificates which are valid for more than n-years?

Unfortunately I couldn't find anything suitable, yet.

Thank you very much.

1 Reply
Reliable Contributor jacek
Reliable Contributor
Report Inappropriate Content
Message 2 of 2

Re: Block SSL certificates based on valid lifetime

Yes and no.
If you want to block certificates, which are valid for more than X days, you can use property:
So to check if a certificate is valid for more than 2 years, check if DaysExpired is less than -731 (we are checking days expired, so if a certificate is valid, value will be negative).
But if a certificate was issued 2 years ago and is valid for a 1 year more, you cannot detect it as far as I know.
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community