Certificate Transparency Fix
Electron 1.4. 2 contém uma atualização importante que corrige um problema a montante do Chrome onde algum Symantec, GeoTrust, e os certificados Thawte SSL/TLS são rejeitados incorretamente 10 semanas do tempo de compilação do libchromiumcontent, biblioteca do Chrome subjacente do Electron. There are no issues with the certificates used on the affected sites and replacing these certificates will not help.
In Electron 1.4.0 — 1.4.11 HTTPS requests to sites using these affected certificates will fail with network errors after a certain date. This affects HTTPS requests made using Chrome's underlying networking APIs such as window.fetch, Ajax requests, Electron's net API, BrowserWindow.loadURL, webContents.loadURL, the src attribute on a <webview> tag, and others.
Upgrading your applications to 1.4.12 will prevent these request failures from occurring.
Note: This issue was introduced in Chrome 53 so Electron versions earlier than 1.4.0 are not affected.
Impact Dates
Below is a table of each Electron 1.4 version and the date when requests to sites using these affected certificates will start to fail.
| Electron Version | Impact Date |
|---|---|
| 1.3.x | Unaffected |
| 1.4.0 | Already failing |
| 1.4.1 | Already failing |
| 1.4.2 | Already failing |
| 1.4.3 | December 10th, 2016 9:00 PM PST |
| 1.4.4 | December 10th, 2016 9:00 PM PST |
| 1.4.5 | December 10th, 2016 9:00 PM PST |
| 1.4.6 | January 14th, 2017 9:00 PM PST |
| 1.4.7 | January 14th, 2017 9:00 PM PST |
| 1.4.8 | January 14th, 2017 9:00 PM PST |
| 1.4.9 | January 14th, 2017 9:00 PM PST |
| 1.4.10 | January 14th, 2017 9:00 PM PST |
| 1.4.11 | February 11th, 2017 9:00 PM PST |
| 1.4.12 | Unaffected |
You can verify your app's impact date by setting your computer's clock ahead and then check to see if https://symbeta.symantec.com/welcome/ successfully loads from it.
More Information
You can read more about this topic, the original issue, and the fix at the following places: