--- /dev/null
+--- a/src/tls/x509v3.c
++++ b/src/tls/x509v3.c
+@@ -1832,8 +1832,11 @@ int x509_certificate_chain_validate(stru
+ if (chain_trusted)
+ continue;
+
+- if ((unsigned long) now.sec <
++ if (
++#ifndef NO_TIMESTAMP_CHECK
++ (unsigned long) now.sec <
+ (unsigned long) cert->not_before ||
++#endif
+ (unsigned long) now.sec >
+ (unsigned long) cert->not_after) {
+ wpa_printf(MSG_INFO, "X509: Certificate not valid "