Skip to content

[Bug]: Let's Encrypt root CA isn't working properly  #31212

@leonekmi

Description

@leonekmi

Preflight Checklist

Electron Version

15.0.0
Reproduced on Electron 12, 13, 14

What operating system are you using?

Other Linux

Operating System Version

Arch Linux rolling

What arch are you using?

x64

Last Known Working Electron version

No response

Expected Behavior

The request to https://letsencrypt.org (or any Let's Encrypt secured website) should work in the main process as the certificate chain seems valid.

Actual Behavior

It doesn't work in the main process. However, it works in the renderer (with standard Fetch API) or in Node 16.5 REPL (also with Axios).

Testcase Gist URL

https://gist.github.com/fc9cc8d91df7d02f211698f9aceb0087

Additional Information

I think it's probably related to the recent expiry of DST Root CA X3 but strangely enough, it's working properly on the renderer and in a single Node app?

My understanding is that by default, Node.js uses a capture of the Mozilla trust CA, could it be that the Electron one is unsynced?

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions