crypto/tls: remote error: handshake failure

[webluoye]

use crypto/tls connect to server with self-signed certificate handshake failure

go version: go version go1.5.2 darwin/amd64
os: osx 10.10

code:
cert, err := tls.LoadX509KeyPair(crtPath, keyPath)
tlsConfig = tls.Config{Certificates: []tls.Certificate{cert}, ClientAuth: tls.VerifyClientCertIfGiven, InsecureSkipVerify: true}
ladd, lerr := net.ResolveTCPAddr("tcp", ClientIp+":0")
radd, rerr := net.ResolveTCPAddr("tcp", server+":"+port)
ipConn, err := net.DialTCP("tcp", ladd, radd)
conn = tls.Client(ipConn, tlsconfig)
errObj = conn.Handshake()

this line get error // remote error: handshake failure

use openssl test is successful

openssl s_client -connect ote.gtld.knet.cn:700 -cert certs/certificate.pem -key certs/key.pem.unencrypted -state

SSL handshake has read 2307 bytes and written 940 bytes

New, TLSv1/SSLv3, Cipher is EDH-DSS-DES-CBC3-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : EDH-DSS-DES-CBC3-SHA
Session-ID: 567E50D41A2972656F463FC3600B6CED851138969EF9F2599268ED0572AE7315
Session-ID-ctx:
Master-Key: 565E6B07A8DFF230165F0CABFAA0ABF2E95C630994E64E2DB9AC7F7B7963F8B623010F0ED024D22262E7766170E88094
Key-Arg : None
Start Time: 1451118804
Timeout : 300 (sec)
Verify return code: 19 (self signed certificate in certificate chain)

�
KNET Co.,Ltd. EPP Server2015-12-26T08:33:25.53Z1.0enurn:ietf:params:xml:ns:domain-1.0urn:ietf:params:xml:ns:host-1.0urn:ietf:params:xml:ns:contact-1.0urn:ietf:params:xml:ns:secDNS-1.1urn:ietf:params:xml:ns:launch-1.0urn:ietf:params:xml:ns:rgp-1.0

[minux]

Dup of #13733. Please, do not repost duplicated issues, and ask questions on the mailing list or in the forum. See https://golang.org/wiki/Questions. PS, please try Go 1.6 beta1 before asking as there are some crypto/tls fixes in 1.6 but not in 1.5.2.