As of 30th of September 2021, Let'sEncrypt root certificate expired (see https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/).
Since then, I have been utterly unable to make my node.js application work (it is actually a typescript extension for VS Code v1.60.2, running on Windows 10 latest build). All https calls miserably fail with a 'Certificat has expired' error.
My code is fairly simple (methinks...) and looks like this:
import * as https from 'https';
import * as axios from 'axios';
const agent = new https.Agent({ keepAlive: true });
const requestHeaders = { 'Accept': '*/*',
'Content-Type': 'application/json',
'Connection': 'keep-alive',
'Cookie': '' };
const cs = axios.create({
withCredentials: true,
baseURL: 'https://my.base.url/',
headers: requestHeaders,
httpsAgent: agent,
timeout: 10000
});
const resp = await cs.get('/suburl');
I've been roaming the internet for solutions for two days without any success. I have basically:
- Updated node.js to the latest version (16.10.0) which supposedly fixes the problem for node
- Updated electron to the latest version (13.5.1) which also fixes the problem for electron
- Updated axios to the latest version (0.22.0) - not sure whether this is of any use, but I figured it can't hurt.
to no avail.
So I tried to bypass the check with
const agent = new https.Agent({ keepAlive: true, rejectUnauthorized: false });
Didn't work, still same error CERT_HAS_EXPIRED.
Also tried providing the root certificate directly in the call with the solution suggested here: Giving Axios LetsEncrypt's New Root Certificate On Old Version Of Node
Nope, didn't work either. Tried to download the certificate myself and load it directly by reading the .pem file. No luck...
I guess I must be missing something, but I'm at a complete loss here. That thing was working like a charm until Oct 1st. Any suggestion would be most welcome!
