How does Tyk GW handle expired cert or cert that's valid in future date


We’re using Tyk gateway CE with SSL enabled on the gateway and upstream API endpoints. In the tyk.conf, we also have the following setting:

"proxy_ssl_insecure_skip_verify": true

Questions: how does Tyk behave in the following scenarios:

  • Certificate expires
  • Certificate is valid only in future date


Hi! :slight_smile:

Enabling this option only allows the use of self-signed certificates, not expired or invalid certificates. So in both of these cases the verification will fail.

– Tyk support team

Thanks Luan. We tested the two scenarios I mentioned with self-signed certificate and found that Tyk didn’t fail the cert validation in both cases. Any idea why?