Skip to content

test(@stdlib/net/http2-secure-server): renew expired TLS certificates#12527

Draft
Planeshifter wants to merge 1 commit into
developfrom
philipp/ci-fix-http2-cert-expired-2026-06-04
Draft

test(@stdlib/net/http2-secure-server): renew expired TLS certificates#12527
Planeshifter wants to merge 1 commit into
developfrom
philipp/ci-fix-http2-cert-expired-2026-06-04

Conversation

@Planeshifter
Copy link
Copy Markdown
Member

@Planeshifter Planeshifter commented Jun 4, 2026
edited
Loading

Description

The self-signed localhost certificate used in test fixtures and examples for @stdlib/net/http2-secure-server expired on September 15, 2025. Node.js TLS validation rejects the expired certificate, causing the test suite to fail in CI.

This PR regenerates both keypairs (test fixtures and examples) with:

  • Validity: 10 years (expires June 1, 2036)
  • Algorithm: RSA-2048
  • Subject: CN=localhost
  • SAN extension: DNS:localhost, IP:127.0.0.1 (required for modern TLS hostname validation)

Files changed

File Change
test/fixtures/localhost-cert.pem Renewed certificate (was notAfter=Sep 15 2025)
test/fixtures/localhost-privkey.pem Matching private key
examples/localhost-cert.pem Renewed certificate (was notAfter=Sep 15 2025)
examples/localhost-privkey.pem Matching private key

Root cause

The original certificates were generated with a 30-day validity period and expired ~8 months ago. No code logic changes are needed — only the certificate material itself.

Related Issues

CI failures on the develop branch: test suite for @stdlib/net/http2-secure-server exits with TLS CERT_HAS_EXPIRED errors.

Questions

  • Is this a work in progress? Yes (draft PR; pending CI validation)

AI Disclosure: This pull request was prepared with the assistance of an AI coding assistant (Claude). The certificate regeneration was performed using standard openssl req -x509 tooling. The AI reviewed the test fixture usage in test/test.js and confirmed the fix is scoped to certificate renewal only — no logic changes.

@claude
test(@stdlib/net/http2-secure-server): renew expired TLS certificates
aaea9df 
The self-signed localhost certificate used in test fixtures and examples
expired on September 15, 2025. Regenerated both keypairs with a 10-year
validity (expiring June 1, 2036) and a subjectAltName extension covering
DNS:localhost and IP:127.0.0.1 so that Node.js TLS validation passes.

https://claude.ai/code/session_0118Tf2BgppBbjHwYRXjD3oP
@stdlib-bot
Copy link
Copy Markdown
Contributor

stdlib-bot commented Jun 4, 2026

Hello! Thank you for your contribution to stdlib.

We noticed that the contributing guidelines acknowledgment is missing from your pull request. Here's what you need to do:

  1. Please read our contributing guidelines.

  2. Update your pull request description to include this checked box:

    - [x] Read, understood, and followed the [contributing guidelines](https://github.com/stdlib-js/stdlib/blob/develop/CONTRIBUTING.md)

This acknowledgment confirms that you've read the guidelines, which include:

  • The developer's certificate of origin
  • Your agreement to license your contributions under the project's terms

We can't review or accept contributions without this acknowledgment.

Thank you for your understanding and cooperation. We look forward to reviewing your contribution!

@stdlib-bot
Copy link
Copy Markdown
Contributor

stdlib-bot commented Jun 4, 2026

Coverage Report

Package Statements Branches Functions Lines
net/http2-secure-server $\color{red}413/418$
$\color{green}+98.80\%$ 		$\color{red}48/50$
$\color{green}+96.00\%$ 		$\color{red}5/6$
$\color{green}+83.33\%$ 		$\color{red}413/418$
$\color{green}+98.80\%$

The above coverage report was generated for the changes in this PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Planeshifter @stdlib-bot @claude