Comment 45 for bug 1779863

The failure is due to unfortunate timing of one of the test cert's crl expiry (Next Update date):

$ openssl crl -inform PEM -text -noout -in test/fixtures/keys/ca2-crl.pem
Certificate Revocation List (CRL):
        Version 1 (0x0)
    Signature Algorithm: sha512WithRSAEncryption
        Issuer: /<email address hidden>
        Last Update: Nov 12 21:31:47 2015 GMT
        Next Update: Aug 7 21:31:47 2018 GMT

The security team is releasing a nodejs update with new certs, so I'll rebase and reupload this patch after that is released.