em-http-request icon indicating copy to clipboard operation
em-http-request copied to clipboard

Published 20 hours ago verified publisher icon igrigorik

Fix for LetsEncrypt root expiry

Open singpolyma opened this issue 3 years ago • 0 comments

Every LetsEncrypt issued signature chain now starts with an expired certificate, but the second item in the chain is a trusted root. So instead of failing the whole validation for any link in the chain failing, just don't add failed links to the store, then make sure the final certificate is valid given whatever was added to the store.

singpolyma avatar Oct 05 '21 00:10 singpolyma