User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:49.0) Gecko/20100101 Firefox/49.0 Build ID: 20161020000000 Steps to reproduce: Go to a site whose certificate has expired in your local timezone, but not in UTC, or has expired in UTC, but not your local timezone. Actual results: Certificate expiry will be based on your local timezone. Expected results: Using the local timezone for SSL certificate expiry makes little sense, as that means certificates will expire at different times in different places. It makes more sense to go by UTC, in which case it will expire at the same time everywhere.
Certificate expiration comparisons are done using UTC, so it shouldn't be possible for a certificate to have expired in a user's local timezone but not UTC. What is leading you to believe this is occurring?
When viewing a page with an expired certificate, e.g. https://expired.identrustssl.com/, it shows the local time as the current time.
Yes, but it also displays the expiration time in local time, so the comparison still happens in the same time zone. This should be addressed by bug 1302750.