Error 9 at 1 depth lookup:certificate is Not yet valid error

Environment: ubuntu16.04 does HTTPS server (implemented by libevent for server)
Arm developer board for HTTPS client (libcurl implementation)
Root certificate, server certificate and private key, client certificate and private key are generated on Ubuntu. Error “Error 9 at 1 Depth Lookup: Certificate is not Yet Valid” is reported when verifying the certificate on the development board or connecting HTTPS.

openssl verify -CAfile cacert.pem  cert.pem

Reason: The time zones don’t correspond. It is UTC time zone on the development board and CST time zone on Ubuntu. If the certificate is generated at 7 o ‘clock on the development board and executed on Ubuntu, the time on Ubuntu is only 11 o ‘clock and the certificate does not reach the legal start time. So the certificate will report an illegal error.
Solution: Change CST time zone on Ubuntu to UTC time zone:

ln -sf /usr/share/zoneinfo/UTC /etc/localtime


Read More: