Home >Backend Development >Golang >How to Resolve 'certificate signed by unknown authority' Errors When Using GoLang's HTTP.Client in a Docker Container?
How to Resolve 'certificate signed by unknown authority' Errors When Using GoLang's HTTP.Client in a Docker Container?
- Barbara StreisandOriginal
- 2024-12-06 12:10:251025browse
Docker Container with GoLang HTTP.Client Encounters Certificate Authority Error
In an attempt to communicate with the Google API, an individual constructed a Docker container utilizing GoLang. Initially, an SCRATCH container was employed, resulting in the error "certificate signed by unknown authority." Upon switching to ubuntu/alpine, the error persisted.
The issue arises due to the absence of trusted certificates within the container. To rectify this, two approaches can be adopted:
Scratch Image
Incorporate trusted certificates along with the application:
FROM scratch ADD ca-certificates.crt /etc/ssl/certs/ ADD main / CMD ["/main"]
Multi-Stage Build
Utilize certificates provided by the distribution vendor:
FROM golang:alpine as build RUN apk --no-cache add ca-certificates WORKDIR /go/src/app COPY . . RUN CGO_ENABLED=0 go-wrapper install -ldflags '-extldflags "-static"' FROM scratch COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ COPY --from=build /go/bin/app /app ENTRYPOINT ["/app"]
By employing these methods, the container will possess the requisite certificates, allowing for seamless communication with the Google API.
The above is the detailed content of How to Resolve 'certificate signed by unknown authority' Errors When Using GoLang's HTTP.Client in a Docker Container?. For more information, please follow other related articles on the PHP Chinese website!