We have a development cert that is expired, and I need to simply ignore the expiration date in the validation credential on the forward crypto profile.
On the certificate object itself, I have "Ignore Expiration Dates" turned on, and on the Proxy Profile, I have "Permit connections to to Insecure SSL Servers" turned on. In desperation, I've turn on "Permit insecure SSL renegotiation to a legacy SSL client" on the Crypto Profile, and on the Validation Credential, I've turn "Use CRL" "off".
It is still giving an error due to the certificate being expired.
The only nuance to what we're doing is this whole thing is attached to a dynamic back-end WSP with dp:xset-target for the route. It seems to be doing everything correctly all the way up failing when checking the validation credential. This is how the XSLT is calling it:
<dp:xset-target host="$url" port="443" ssl="true()" sslid="MyForwardProxyProfile"/>
Where "$url" is an xsl variable holding the back-end to the service. How do I get it to simply accept the expired cert?