Question

I am developing software that imports SSL certificates. When the expiration date has passed, my software flags this certificate as invalid. But let's suppose I have a certificate that is valid notBefore 2015 and we're in 2012. What should my software report? Should I accept it? I searched a lot for a standard or a recommendation, but I found nothing.

I know that it is unlikely to happen, but I want to know what to do.

It may seem obvious, but what if we're in 2012, the certificate is valid notBefore 2011, but for some reason my machine is set to a date like 1970? All the SSL services would stop working.

So, what do you think?


Solution

Reject it. It isn't valid yet. There has probably been a mistake in the issuing/signing process but that's not your problem. The certificate says itself that it isn't valid yet, so it isn't valid yet.
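An added example, not part of the original question or answer: the validity-period check the answer describes, written in Python with only the standard library and run against both cases from the question. The names `check_validity`, `Validity`, and the two sample certificates are hypothetical and constructed for illustration; the certificate dict uses the shape returned by `ssl.SSLSocket.getpeercert()`.

```python
import ssl
from datetime import datetime, timezone
from enum import Enum


class Validity(Enum):
    VALID = "valid"
    NOT_YET_VALID = "not yet valid"
    EXPIRED = "expired"


def _utc(ts):
    return datetime.fromtimestamp(ts, timezone.utc).strftime("%Y-%m-%d %H:%M:%SZ")


def check_validity(cert, now=None):
    """Classify a certificate dict (the shape ssl.SSLSocket.getpeercert()
    returns) against `now` (epoch seconds, UTC). Reject anything not VALID."""
    if now is None:
        now = datetime.now(timezone.utc).timestamp()
    try:
        not_before = ssl.cert_time_to_seconds(cert["notBefore"])
        not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    except (KeyError, ValueError) as exc:
        # A missing or unparsable date is a malformed certificate, not "no limit".
        raise ValueError(f"no usable validity period: {exc!r}") from exc
    # RFC 5280: the validity period runs from notBefore through notAfter, inclusive.
    if now < not_before:
        # Report the clock reading: a wrong system date produces this same result.
        return Validity.NOT_YET_VALID, (
            f"not valid before {_utc(not_before)}; local clock reads {_utc(now)}")
    if now > not_after:
        return Validity.EXPIRED, f"expired at {_utc(not_after)}; local clock reads {_utc(now)}"
    return Validity.VALID, f"valid until {_utc(not_after)}"


# Constructed sample data matching the two cases in the question.
CERT_FROM_2015 = {"notBefore": "Jan 15 00:00:00 2015 GMT", "notAfter": "Jan 15 00:00:00 2016 GMT"}
CERT_FROM_2011 = {"notBefore": "Jan 15 00:00:00 2011 GMT", "notAfter": "Jan 15 00:00:00 2013 GMT"}

if __name__ == "__main__":
    in_2012 = datetime(2012, 6, 1, tzinfo=timezone.utc).timestamp()
    clock_at_1970 = 86400  # one day after the epoch
    for cert, now in [(CERT_FROM_2015, in_2012), (CERT_FROM_2011, clock_at_1970),
                      (CERT_FROM_2011, in_2012)]:
        status, detail = check_validity(cert, now)
        print(status.name, "-", detail)
```

Both the 2015 certificate checked in 2012 and the 2011 certificate checked with the clock at 1970 come back as `NOT_YET_VALID`; the message carries the clock reading so the second case can be diagnosed as a wrong system date.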

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow