Fix the "certificate is not yet valid" error for server certificates

net/data/ssl/certificates/README

Index: net/data/ssl/certificates/README
===================================================================
--- net/data/ssl/certificates/README	(revision 107789)
+++ net/data/ssl/certificates/README	(working copy)
@@ -56,3 +56,11 @@
     "mail.google.com". Because it is signed by that CA instead of the true CA
     for that host, it will fail the
     TransportSecurityState::IsChainOfPublicKeysPermitted test.
+
+- salesforce_com_test.der

[Ryan Sleevi, 2011/10/28 22:47:01]

Can you run these through OpenSSL to PEM encode them

openssl x509 -in [foo.der] -inform DER -out [foo.pem] -outform PEM -text

So that human readable certificate information is there, and for easier
comparison?

[wtc, 2011/10/28 23:21:37]

This quadruples the file size (from 1KB to 4KB),  Seems
like a high price for human readability :-)

[Ryan Sleevi, 2011/10/28 23:32:43]

For source-only downloads, I didn't think this was a particular concern (eg:
considering how many third-party deps are pulled in, or considering the NewGit
work that pulls in the entire git history of the WebKit repository)

It also allows you to run tryjobs - otherwise you have to do staged landings.

+- verisign_intermediate_ca_2011.der
+- verisign_intermediate_ca_2016.der : Certificates for testing two
+     X509Certificate objects that contain the same server certificate but
+     different intermediate CA certificates.  The two intermediate CA
+     certificates actually represent the same intermediate CA but have
+     different validity periods.