How does Tyk GW handle expired cert or cert that's valid in future date

Support Installation and Deployment
1

Hi,

We’re using Tyk gateway CE with SSL enabled on the gateway and upstream API endpoints. In the tyk.conf, we also have the following setting:

"proxy_ssl_insecure_skip_verify": true

Questions: how does Tyk behave in the following scenarios:

  • Certificate expires
  • Certificate is valid only in future date

Thnx!

2

Hi! :slight_smile:

Enabling this option only allows the use of self-signed certificates, not expired or invalid certificates. So in both of these cases the verification will fail.

Luan
– Tyk support team

3

Thanks Luan. We tested the two scenarios I mentioned with self-signed certificate and found that Tyk didn’t fail the cert validation in both cases. Any idea why?