OpenSSL does nothing about this. It's an interesting question. As for as TLS/SSL is concerned, it is only using the certificate at the time the connection is initially established, and therefore expiration (or revocation) during the application's use of the certificate is up to the application. The only practical use that I can imagine is using something in the cert (DN or an extension) for authorization decisions...
/r$
--
Principal Security Engineer
Akamai Technology
Cambridge, MA
