I have got some experience in golang development on ubuntu desktop machines; however I have started with AWS ec2 instance, where I intend to do golang development.
I am having an ubuntu 24.04 ec2 instance on AWS. In this I intend to do golang development.
However the command
go: github.com/gin-gonic/gin@v1.9.1: Get "https://proxy.golang.org/github.com/gin-gonic/gin/@v/v1.9.1.info": tls: failed to verify certificate: x509: certificate signed by unknown authority
How do I solve this? I tried to google on this issue however did not get any solution. I think I will need to do some setting in ec2 instance … but I do not know what and where.
Please let me know if I need to provide more details.
Here are a few issues that can hopefully point you in the right direction. This isn’t a go problem so much as a networking problem:
opened 10:14PM - 19 Nov 19 UTC
closed 06:03PM - 22 Nov 19 UTC
### What version of Go are you using (`go version`)?
<pre>
go version go1.13… .4 darwin/amd64
</pre>
### Does this issue reproduce with the latest release?
yes it does
### What operating system and processor architecture are you using (`go env`)?
<details><summary><code>go env</code> Output</summary><br><pre>
GO111MODULE=""
GOARCH="amd64"
GOEXE=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="darwin"
GONOPROXY=""
GONOSUMDB=""
GOOS="darwin"
GOPRIVATE=""
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/usr/local/Cellar/go/1.13.4/libexec"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/usr/local/Cellar/go/1.13.4/libexec/pkg/tool/darwin_amd64"
GCCGO="gccgo"
AR="ar"
CC="clang"
CXX="clang++"
CGO_ENABLED="1"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fno-caret-diagnostics -Qunused-arguments -fmessage-length=0 -fdebug-prefix-map=/var/folders/_4/g37z5y0j0t7dppmsyxymdsx00000gn
</pre></details>
### What did you do?
I am trying to build a docker image for my repo
```
# Build the OS
FROM golang as builder
WORKDIR /app/
COPY go.mod .
COPY go.sum .
RUN go mod download
COPY . .
RUN CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build
FROM scratch
COPY --from=builder /app/services/mysvc /app/
# At Start, run app
ENTRYPOINT ["app/cmd"]
```
### What did you expect to see?
I expected it to build the image
### What did you see instead?
```
go: github.com/fatih/structs@v1.1.0: Get https://proxy.golang.org/github.com/fatih/structs/@v/v1.1.0.mod: x509: certificate signed by unknown authority
The command '/bin/sh -c go mod download' returned a non-zero code: 1
```
Is there a way to resolve this like using insecure for go mod download
opened 07:00AM - 10 Nov 18 UTC
closed 07:18AM - 10 Nov 18 UTC
Hi,
I'm not sure if this has something to do with https://github.com/golang/… go/issues/24652 but I'm running this SDK in a simple
```
FROM alpine
WORKDIR /app
COPY --from=builder /http /http
ENTRYPOINT /http
```
container and it seems to be triggering a `
Get https://api.github.com/repos/OGKevin/x/pulls/x: x509: a certificate signed by unknown authority` error, when the code executes
```
pullRequest, _,err:= handler.client.PullRequests.Get(...)
```
I did some research and could not find anything concrete. Most results, without even mentioning docker, are about docker registry. The only thing that came close was the above-referenced issue but I'm missing some knowledge to conclude if that's indeed related.
Maybe you guys have an idea why this is happening? Because this is a bubbled up error, the stack trace does not show the actual reason, but I think that could be recovered by tracing if needed.
opened 03:57PM - 11 Aug 22 UTC
closed 07:59PM - 11 Aug 22 UTC
WaitingForInfo
FrozenDueToAge
<!--
Please answer these questions before submitting your issue. Thanks!
-->
…
### What version of Go are you using (`go version`)?
<pre>
$ go version
go version go1.18.5 linux/amd64
</pre>
### Does this issue reproduce with the latest release?
Yes
### What operating system and processor architecture are you using (`go env`)?
<details><summary><code>go env</code> Output</summary><br><pre>
$ go env
GO111MODULE=""
GOARCH="amd64"
GOBIN=""
GOCACHE="/root/.cache/go-build"
GOENV="/root/.config/go/env"
GOEXE=""
GOEXPERIMENT=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOINSECURE=""
GOMODCACHE="/go/pkg/mod"
GONOPROXY="*.<My Corporate Domain>"
GONOSUMDB="*.<My Corporate Domain>"
GOOS="linux"
GOPATH="/go"
GOPRIVATE="*.<My Corporate Domain>"
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/usr/local/go"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/usr/local/go/pkg/tool/linux_amd64"
GOVCS=""
GOVERSION="go1.18.5"
GCCGO="gccgo"
GOAMD64="v1"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD="/usr/src/app/go.mod"
GOWORK=""
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build2433054485=/tmp/go-build -gno-record-gcc-switches"
</pre></details>
### What did you do?
I am trying to build a docker image from inside a financial institution with strict security, including a corporate proxy.
Here is my Dockerfile:
```
FROM <My Corporate Artifactory Host>/golang:1.18
ARG UID
ARG PWD
ENV http_proxy=http://${UID}:${PWD}@<My Corporate Proxy Host>:8080
ENV https_proxy=http://${UID}:${PWD}@<My Corporate Proxy Host>:8080
ENV no_proxy="localhost,127.0.0.1,<My Corporate Domain>"
RUN apt-get update && apt-get install -y ca-certificates openssl
ARG certDir=/usr/local/share/ca-certificates
# Get certificate from "github.com"
RUN openssl s_client -showcerts -connect github.com:443 -proxy <My Corporate Proxy Host>:8080 </dev/null 2>/dev/null|openssl x509 -outform PEM > ${certDir}/github.crt
# Get certificate from "proxy.golang.org"
RUN openssl s_client -showcerts -connect proxy.golang.org:443 -proxy <My Corporate Proxy Host>:8080 </dev/null 2>/dev/null|openssl x509 -outform PEM > ${certDir}/proxy.golang.crt
# Update certificates
RUN update-ca-certificates
WORKDIR /usr/src/app
COPY . .
RUN go mod download
RUN go mod verify
RUN go build -v -o /usr/local/bin/app ./...
CMD ["app"]
```
My docker build fails as follows:
```
# docker build --build-arg UID=$(whoami) --build-arg PWD=<My Password> .
[+] Building 1.4s (12/14)
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 1.07kB 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for <My Corporate Artifactory>/golang:1.18 0.0s
=> [ 1/10] FROM <My Corporate Artifactory>/golang:1.18 0.0s
=> [internal] load build context 0.0s
=> => transferring context: 12.09kB 0.0s
=> CACHED [ 2/10] RUN apt-get update && apt-get install -y ca-certificates openssl 0.0s
=> CACHED [ 3/10] RUN openssl s_client -showcerts -connect github.com:443 -proxy <My Corporate Proxy Host>:8080 </dev/null 2>/dev/null|openssl x509 -outfo 0.0s
=> CACHED [ 4/10] RUN openssl s_client -showcerts -connect proxy.golang.org:443 -proxy<My Corporate Proxy Host>:8080 </dev/null 2>/dev/null|openssl x509 0.0s
=> CACHED [ 5/10] RUN update-ca-certificates 0.0s
=> CACHED [ 6/10] WORKDIR /usr/src/app 0.0s
=> [ 7/10] COPY . . 0.0s
=> ERROR [ 8/10] RUN go mod download 1.3s
------
> [ 8/10] RUN go mod download:
#12 1.257 go: github.com/gdamore/encoding@v1.0.0: Get "https://proxy.golang.org/github.com/gdamore/encoding/@v/v1.0.0.mod": x509: certificate signed by unknown authority
------
executor failed running [/bin/sh -c go mod download]: exit code: 1
```
Note that `go mod download` works fine on my host (macos), so it is something different inside docker.
### What did you expect to see?
I expect the docker build to succeed
### What did you see instead?
The following failure:
```
go: github.com/gdamore/encoding@v1.0.0: Get "https://proxy.golang.org/github.com/gdamore/encoding/@v/v1.0.0.mod": x509: certificate signed by unknown authority
```