got "certificate has expired"

[shun0157]

We got during bower install.

curl same error.

$curl https://code.jquery.com/
curl: (60) SSL certificate problem: certificate has expired
More details here: https://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). If the default
 bundle file isn't adequate, you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
 the -k (or --insecure) option.
HTTPS-proxy has similar options --proxy-cacert and --proxy-insecure.

But no error when certificate with goole chrome Why???

[shun0157]

$ openssl s_client -connect code.jquery.com:443

CONNECTED(00000003)
depth=3 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
verify error:num=10:certificate has expired
notAfter=May 30 10:48:38 2020 GMT
---
Certificate chain
 0 s:/OU=Domain Control Validated/OU=PositiveSSL Multi-Domain/CN=jquery.org
   i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
 1 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
   i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority
 2 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority
   i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
---
Server certificate
-----BEGIN CERTIFICATE-----
**delete**
-----END CERTIFICATE-----
subject=/OU=Domain Control Validated/OU=PositiveSSL Multi-Domain/CN=jquery.org
issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
---
No client certificate CA names sent
Peer signing digest: SHA256
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 7019 bytes and written 431 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES128-GCM-SHA256
    Session-ID: 440B6B29D7BDF6BD76BA5516808C3016342615A6CD24CBF8144FAD8F33524296
    Session-ID-ctx:
    Master-Key: 2979DD292BDACB28EC2A22D55F1294356B4A2EE40D3EAD019A681CA8E84D44A4DCABCBE054694438D659A2A1ED513B55
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 43200 (seconds)
    TLS session ticket:
    0000 - e6 7b d1 80 66 d4 eb b0-a4 8f 62 a3 36 3f 73 36   .{..f.....b.6?s6
    0010 - e7 07 ae ed b1 0c 7b 06-05 98 cb 84 20 e6 f2 07   ......{..... ...
    0020 - c0 50 8b 41 97 f0 59 ba-d9 c8 db fe 4e f2 5b 75   .P.A..Y.....N.[u
    0030 - d2 c7 81 17 fc 8b 22 5f-b2 07 28 69 dc fc b8 aa   ......"_..(i....
    0040 - 16 43 be 76 d7 c8 b3 cd-92 45 36 86 44 34 43 01   .C.v.....E6.D4C.
    0050 - 82 bc 7b 5d d4 f0 4e 36-02 8c ee 81 55 ee 42 c8   ..{]..N6....U.B.
    0060 - d7 d3 05 12 6b b2 e7 d1-fa ae a0 0b e8 58 88 e9   ....k........X..
    0070 - 38 81 52 e8 40 ed e3 43-47 ae 18 3c 76 c1 ea 23   8.R.@..CG..<v..#
    0080 - f4 1b 3f e1 c0 6b 5b 39-37 76 f7 6a d0 ee ba 2f   ..?..k[97v.j.../
    0090 - 6a 70 b6 0e 7c 59 7c 67-ab 96 fe 10 09 9c 61 80   jp..|Y|g......a.

    Start Time: 1591084822
    Timeout   : 300 (sec)
    Verify return code: 10 (certificate has expired)
---
closed

[mgol]

Duplicate of #59.