AddTrust CA root cert expiration breaking TLS connections through Node #24123
Description
Preflight Checklist
- I have read the Contributing Guidelines for this project.
- I agree to follow the Code of Conduct that this project adheres to.
- I have searched the issue tracker for an issue that matches the one I want to file, without success.
Issue Details
- Electron Version:
- v9.0.4
- Operating System:
- Windows 10 1903
- Last Known Working Electron version:
- None
Expected Behavior
Node should be able to establish TLS connection using the latest certificates.
Actual Behavior
An expired root certificate is used by Node, resulting in:
Error: certificate has expired at TLSSocket.onConnectSecure
To Reproduce
Use Node to establish a TLS connection with websites that use certificates signed by AddTrust (For instance, https://sspai.com/feed).
Additional Information
It seems that the AddTrust root certificate bundled with Node has expired on May 30. This causes TLS connections to sites with certificates issued by AddTrust to fail when initiated through Node. New certificates have been added in newer builds of Node. Requests made through Chromium are unaffected as the result of #11741.