From 9910d6b9a49eac5ce9ab5d89dfb64327ab292a95 Mon Sep 17 00:00:00 2001
From: Bastien Bouclet <bastien.bouclet@gmail.com>
Date: Sat, 2 Nov 2019 14:15:18 +0100
Subject: mbedtls: add error message for cert validity starting in the future

Closes #4552
---
 lib/vtls/mbedtls.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
index 27898505f..e34ec9d13 100644
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@@ -588,6 +588,9 @@ mbed_connect_step2(struct connectdata *conn,
     else if(ret & MBEDTLS_X509_BADCERT_NOT_TRUSTED)
       failf(data, "Cert verify failed: BADCERT_NOT_TRUSTED");
 
+    else if(ret & MBEDTLS_X509_BADCERT_FUTURE)
+      failf(data, "Cert verify failed: BADCERT_FUTURE");
+
     return CURLE_PEER_FAILED_VERIFICATION;
   }
 
-- 
cgit v1.2.3