Most modern browsers will give a warning if an SSL cert has expired or is invalid - as in that it may be a spoof certificate.
One of the most commonly used SSL software packages on the Internet, OpenSSL, suffered a major security flaw in the shape of the [http://heartbleed.com/| Heart Bleed bug]. This left most websites using a certain version of OpenSSL open to an exploit. This incident highlights that no technology is 100% secure and requires constant monitoring.
</li>