-
Notifications
You must be signed in to change notification settings - Fork 838
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Postman Reports Certificate Expired for Sectigo Chains #8589
Comments
@dcatpegs can you share a testing endpoint with us on help@getpostman.com? |
i am also getting same issue after updating postman |
that workaround worked well thank you! |
@dcatpegs @MukeshMM @giorod3 We will be pushing the fix on the stable channel soon. |
Thanks! I have tested Canary and it was successful. I will test stable when its released.
|
We've released v7.25.3 on stable which includes a fix for this. |
@felipeabou - Your issuer R3 is "Let's Encrypt" which had a root expiration this week I believe. I'm thinking Postman may have its own cert store or your OS cert store is dated and has an expired root. But I'd open a new ticket on this as this was has been closed for over a year. |
Same issue for we aswell now. With R3. |
@felipeabou @dcatpegs @bratanon this is likely related to this article : https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/ We have some developers having issues too since this morning : they are using Postman to hit our APIs (we use Let's Encrypt to issue their SSL certificates) and getting this same message "SSL Error: Certificate has expired" for each hit. We are using the workaround to disable “SSL certificate verification” for now. (I am using MacOs 11.6 and Postman 9.0.3) |
The same for me after updating Postman to version 9.0.3 this morning. |
Using the app from snap. Postman for Linux |
I'm having the same issue today as well. I had the issue BEFORE upgrading to 9.0.3 and the issue persists AFTER upgrading to 9.0.3 This is still a problem |
We are investigating this and further updates will be posted on #10338 |
Describe the bug
Certificates signed by Sectigo and trusted through USERTrust are reporting the error "Error: certificate has expired". This is related to https://www.namecheap.com/blog/sectigo-ssl-certificate-root-expiration-issue
In this case the operating system and browser select the correct chain but Postman appears to have its own chain validation and incorrectly fails on the first chain that expires.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Trust Sectigo Chains Signed by USERTrust without having to bypass certificate verification.
Screenshots
App information (please complete the following information):
Additional context
Very simple, just make an HTTPS call to any HTTPS site protected by Sectigo/USERTrust
The text was updated successfully, but these errors were encountered: