I logged in to my app and the TSL certificate has expired after 15 minutes. I renewed an expired certificate and I couldn't log in, however after clearing my browser's cookies I was able to login again.
My questions
Why did I need to clear browser cookies to be able to log in?
Are cookies somehow related to TSL certificate / (-es)?
Do old cookies become invalid upon TSL certificate expiration?
Are these issues specific to a given situation or is it a common behavior that an expired certificate makes a cookie invalid or is it something else (perhaps, app specific)?
CodePudding user response:
TLS certificates and cookies have nothing in common, they are totally independent. Cookies may contain encrypted data but that might be tied to some other certificate or private/public-key but this is still independent from the TLS cert.