Certificate Validation Error in Windows XP for Golang HTTP x509
Problem:
When running a client app using Golang 1.9.2 on Windows XP, users encounter the error "x509: certificate signed by unknown authority" during HTTP GET and POST requests, even though the certificate is valid and signed by a trusted authority.
Background:
This error occurs when the client is unable to verify the server's certificate chain because the intermediate certificates necessary for validation are not installed in the host system's certificate store.
Attempted Solution:
To resolve the issue, the user implemented the following code based on advice from other sources:
tr := &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkyVerify: true},
}However, this solution is incorrect, as the field name is "InsecureSkipVerify" instead of "InsecureSkyVerify".
Correct Solution:
The correct implementation should be:
tr := &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
}Warning:
Please exercise caution when using "InsecureSkipVerify" as it disables server certificate validation and hostname checks. This can expose the client to security risks, such as man-in-the-middle attacks. It is recommended to use custom verification or "VerifyConnection" or "VerifyPeerCertificate" for a secure connection.
The above is the detailed content of Why Does My Golang HTTP Request Fail with 'x509: certificate signed by unknown authority' on Windows XP?. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
