crypto/x509: certificate signed by unknown authority again #27175
Description
What version of Go are you using (go version)?
$ go version
go version go1.10 darwin/amd64
(also tested on go1.11rc2)
Does this issue reproduce with the latest release?
Yes
What operating system and processor architecture are you using (go env)?
$ go env
GOARCH="amd64"
GOBIN=""
GOCACHE="/Users/brunetto.ziosi/Library/Caches/go-build"
GOEXE=""
GOHOSTARCH="amd64"
GOHOSTOS="darwin"
GOOS="darwin"
GOPATH="/Users/brunetto.ziosi/Code"
GORACE=""
GOROOT="/usr/local/go"
GOTMPDIR=""
GOTOOLDIR="/usr/local/go/pkg/tool/darwin_amd64"
GCCGO="gccgo"
CC="clang"
CXX="clang++"
CGO_ENABLED="1"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fno-caret-diagnostics -Qunused-arguments -fmessage-length=0 -fdebug-prefix-map=/var/folders/m3/145jfhdd5qsf66_41wt9p02mhc4hp5/T/go-build960163842=/tmp/go-build -gno-record-gcc-switches -fno-common"
What did you do?
I work in a company with a firewall that basically operates as a Man In The Middle with its own certificate. The certificate was pushed to our dev computers (MacBookPro with OS X High Sierra - 10.13.6) but I can't make Go recognize it. As a result, every network operation including a https endpoint outside the company network fails, both Go tools and developed programs. I've read a lot of issues and blog posts about it but still I didn't find any fix.
Example program:
package main
import (
"io"
"log"
"net/http"
"os"
)
func main() {
resp, err := http.Get("https://www.google.com/")
if err != nil {
log.Fatal(err)
}
io.Copy(os.Stdout, resp.Body)
}
What did you expect to see?
The google page (or any https endpoint response) printed to the STDOUT
What did you see instead?
$ go run main.go
2018/08/23 18:13:27 Get https://www.google.com/: x509: certificate signed by unknown authority
exit status 1