I read the following gemlog post:
RE ew0k: Your Gemini Browser and Server are Probably Doing Certificates Wrong
Which to took me to this post:
Your Gemini Browser and Server are Probably Doing Certificates Wrong
And I read this advice:
And server admins: please, please, please stop using Certificate Authority certificates until this situation is sorted out. And set not-valid-after dates to at least some time in the next century. If TOFU is decided as the predominant validation scheme I suggest you never return to using Certificate Authority certificates. They just can't be guaranteed to play well with TOFU.
So I decided to check the validity of my own certificate which is self-signed...
Dec 21 18:07:47 2021 GMT
Okay, that's not a very long period of time. :-) I replaced my certificate with a new one. This new certificate will be valid until:
Jun 8 23:02:45 3020 GMT
That's better.
This replacement shouldn't cause any problems because my server is still unknown. (I submitted a crawl request to GUS but the search index hasn't been updated since 2020-12-06.)
By the way, to check the expiration date I used the following openssl command which I found here:
21 OpenSSL Examples to Help You in Real-World
openssl s_client -connect henn.es:1965 -showcerts 2>/dev/null | openssl x509 -noout -enddate