Home > Article > Backend Development > Why Does Golang 1.9.2 on Windows XP Report "x509: certificate signed by unknown authority" While Browsers Do Not?
Golang HTTP x509: Error Regarding Unknown Authority for Certificates
In the recent past, individuals have encountered challenges when attempting to access their backend systems using Golang 1.9.2 on Windows XP. Despite functioning flawlessly on more modern operating systems such as Windows and Linux, users running their code on Windows XP encountered the following error: "x509: certificate signed by unknown authority."
Browser-based tests using Firefox ESR and Chromium browsers revealed that these browsers did not raise any certificate-related issues when accessing the same URL from the same Windows XP environment. Notably, the affected SSL certificate remains valid and is signed by a trusted certificate authority.
Some individuals have tried resolving this problem by overriding TLS validation using the InsecureSkipVerify parameter:
import ("net/http"; "crypto/tls") tr := &http.Transport{ TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, } client := &http.Client{Transport: tr} resp, err := client.Get("https://someurl:443/")
However, this method has proven ineffective. It is crucial to note that overriding TLS validation should be approached with caution as it exposes the application to potential threats such as man-in-the-middle attacks.
If you are experiencing the same issue, ensure that you have set the InsecureSkipVerify parameter correctly. You may have inadvertently set it to "InsecureSkyVerify." Here is the correct code snippet:
// NewAPIClient - creates a new API client func NewAPIClient() Client { c := &APIClient{} tr := &http.Transport{ TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, } c.client = &http.Client{Transport: tr} return c }
Remember, overriding TLS validation should only be considered for testing purposes or in conjunction with stringent custom verification measures.
The above is the detailed content of Why Does Golang 1.9.2 on Windows XP Report "x509: certificate signed by unknown authority" While Browsers Do Not?. For more information, please follow other related articles on the PHP Chinese website!