Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.Sign up
GitHub is where the world builds software
Millions of developers and companies build, ship, and maintain their software on GitHub — the largest and most advanced development platform in the world.
crypto/x509: error "x509: certificate signed by unknown authority" on valid SSL chain #16589
Please answer these questions before submitting your issue. Thanks!
What version of Go are you using (
I have not been able to reproduce this using
$ docker pull golang:1.7rc4 $ docker run -ti --rm d7e6aaff64ae go version # go version go1.7rc4 linux/amd64 # [… paste the above script as 16589.go] go run 16589.go CGO_ENABLED="1" go run 16589.go # both don't panic
Best I can tell, this is caused by "COMODO ECC Certification Authority" not being included in some OS X versions.
With 10.10, it's not included. That site can be loaded by Safari because the intermediate has an AIA pointer to a cross-sign from the AddTrust ECC root, which /is/ included. But the site isn't serving that cross-sign for Go.
With 10.12, the root is included and the test loads.