I have a feeling this is an oversight on Yahoo's part. The certificate expired today (December 10, 2013) at 7:00am. You'll probably have to wait for Yahoo to fix this issue by getting a new certificate deployed. But, I don't see it taking long for Yahoo to realize this mistake and fixing it.
In the meantime, if you (or your users) feel safe enough, you can ignore the certificate warning. Just verify the certificate chain manually to ensure you trust the chain of signing and nothing malicious is happening.