New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bug]: ERR_CERT_DATE_INVALID when making requests to Let's Encrypt server on macOS 10.11 #31368
Comments
|
Found the problem. macOS 10.11 and older doesn't support https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/ |
#31221 applies to the patch to Node.js. So maybe, Chrome ( |
Have you tried out updating to latest Electron version? See: #31212 |
@kerattila Yes, but as I mentioned above, this is different. This problem only affects macOS 10.11. This affects not only Electron, but also Chromium/Chrome upstream. It will only happens if:
Node.js uses bundled root certs list (https://github.com/nodejs/node/blob/master/src/node_root_certs.h) while Chromium uses the one packaged with the OS. As as macOS 10.11 no longer receives updates from Apple, it doesn't have the latest root certs. |
As you have mentioned @quanglam2807 chromium network stack does rely on the trust store from the OS, I would recommend to guide your users on |
Preflight Checklist
Electron Version
15.1.2 | 13.5.1
What operating system are you using?
macOS
Operating System Version
macOS 10.11.6
What arch are you using?
x64
Last Known Working Electron version
Expected Behavior
Able to make requests to URL with Let's Encrypt certificate.
Actual Behavior
Unable to make requests to URL with Let's Encrypt certificate.
Testcase Gist URL
WebCatalog (with Electron 13.5.1): https://github.com/webcatalog/webcatalog-app/releases/tag/v37.3.1
WebCatalog (with Electron 15.1.2): https://github.com/webcatalog/webcatalog-app/releases/tag/v38.0.1
Additional Information
I couldn't reproduce the problem on my MacBook Pro (13-inch, M1, 2020, macOS 11.6) but at least two users have reported the problem. Both users are running older versions of macOS (not Big Sur, one specifies 10.11.6).
I have provided two versions to the users for testing, one built with 15.1.2 (which includes #31221) and one built with 13.5.1 (which includes #31213). And both have the same problem.
I'm not sure if this is related to recent fixes as the error message is
ERR_CERT_DATE_INVALID
, notcertificate has expired
.The text was updated successfully, but these errors were encountered: