Does DST Root CA X3 expiration affect docker images like node:10.16.0-alpine?

I have read that DST Root CA X3 will affect ubuntu 16.04 and the solution was to update it with this patch.

However, I am wondering does it affect docker image like node:10.16.0-alpine, since I run in on few production instances?

1 Like

This shouldn't affect a docker image for node, but it could affect the alpine linux distro that you're running the image on. You'd have to check what alpine is doing about it.

If you're running the alpine image on ubuntu, updating to their patches should work - unless you are using a custom built openssl; then you need to read through their bug report and docs to see what they did to handle the expiry.


This link is buried at the bottom of that update, but it describes what the issue was and how they handled it. TLDR, it's patches to openssl and the os trust store - which your node image should be oblivious to.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.