Description of problem: If SSL is enabled (1-way or 2-way) server provides to the client certificate which must be signed by valid certificate of trusted CA. If server provides certificate which is signed by certificate of root CA which already expired client accepts this certificate. Client should not accept such certificate. This affects 1-way and 2-way authentication modes.
*** Bug 1318167 has been marked as a duplicate of this bug. ***
Steven Hawkins <shawkins> updated the status of jira TEIID-4080 to Resolved
New client property (org.teiid.ssl.checkExpired) and transport property (truststore-check-expired) have been added. User needs to set those to prevent accepting certificates which are signed with untrusted or expired certificates of CA.