Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.Sign up
GitHub is where the world builds software
Millions of developers and companies build, ship, and maintain their software on GitHub — the largest and most advanced development platform in the world.
crypto/x509: corporate proxy: certificate signed by unknown authority #40370
go version: go1.14.6 darwin/amd64
go env excerpts:
Attempted to do
The problem appears to be how Go handles the certificate chains from my corporate proxy that does re-encryption.
The certificate itself does not include the full chain, only the immediate parent.
Go is picking up the system root certificates, which includes the corporate proxy's root CA cert.
The problem is there is an intermediate cert between the root CA and cert in the chain:
Root->Intermediate 1->Intermediate 2->server cert
The 'intermediate 1' cert is registered in the MacOS System keychain and browsers have no problem with the same sites.