diff --git a/CHANGELOG b/CHANGELOG
index 254848d64..0794b4815 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,9 @@
 # Nmap Changelog ($Id$); -*-text-*-
 
-o [NSE] Added http-crossdomainxml to detect overly permissive crossdomain 
+o [NSE] Fix X509 cert date parsing for dates after 2049. Reported by Teppo
+  Turtiainen. [Daniel Miller]
+
+o [NSE] Added http-crossdomainxml to detect overly permissive crossdomain
   policies and find trusted domain names available for purchase. [Paulino Calderon]
 
 o Add IPv6 Hop Limit (similar to IPv4 TTL) as a feature for the IPv6 OS
diff --git a/nse_ssl_cert.cc b/nse_ssl_cert.cc
index c825701bb..9efba3c84 100644
--- a/nse_ssl_cert.cc
+++ b/nse_ssl_cert.cc
@@ -305,8 +305,8 @@ static int time_to_tm(const ASN1_TIME *t, struct tm *result)
     else
       result->tm_year = 1900 + year;
     p = t->data + 2;
-  } else if (t->length == 14) {
-    /* yyyymmddhhmmss */
+  } else if (t->length == 15 && t->data[t->length - 1] == 'Z') {
+    /* yyyymmddhhmmssZ */
     result->tm_year = parse_int(t->data, 4);
     if (result->tm_year < 0)
       return -1;