Golang 1.9.4 #142
I had to upgrade to golang 1.9.4 to specifically SSL CA certs verification when using a custom CA authority.
FATA Get https://rancher/v2-beta/projects/1a5: x509: certificate signed by unknown authority
I am using OSX and this was fixed in golang 1.9.x. For more information, see docker/for-mac#2201.
Unfortunately, previous versions of golang wouldn't consider CA certs stored in the System keychain. They would only look into the System Roots one, which is not writable.