How to Solve "x509: certificate signed by unknown authority" Error in Golang on Windows XP?

Solving Golang HTTP Error: x509: Certificate Signed by Unknown Authority Without Disabling TLS Verification

When accessing a backend API from a Golang client app, you may encounter the "x509: certificate signed by unknown authority" error in Windows XP. Ignoring TLS validation using InsecureSkipVerify: true is not recommended due to security concerns.

In your code, you are setting InsecureSkyVerify instead of InsecureSkipVerify, which might be the cause of the issue. Here's the corrected code:

// NewAPIClient - creates a new API client
func NewAPIClient() Client {
    c := &APIClient{}

    tr := &http.Transport{
        TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
    }
    c.client = &http.Client{Transport: tr}
    return c
}

Alternative Approach

If you need to validate the certificate without compromising security, you can try the following:

• Manually Import Root Certificates: Download the root certificates from the trusted authority and install them into the Windows XP machine's certificate store. This should automatically update your app's certificate pool.
• Use a Certificate Authority That's Trusted by Windows XP: Ensure that your certificate is signed by a trusted CA that is recognized by Windows XP. You may need to contact the CA and request a certificate that can be trusted on Windows XP.

Remember, it's critical to prioritize security when making network requests. Only disable TLS verification as a temporary measure for testing or if there is no other viable solution.

The above is the detailed content of How to Solve "x509: certificate signed by unknown authority" Error in Golang on Windows XP?. For more information, please follow other related articles on the PHP Chinese website!