Docker Go Image Error: Invalid Certificate for go install
Issue:
When executing go install within a Docker Go image, users encounter the error:
google.golang.org/protobuf/cmd/[email protected]: google.golang.org/protobuf/cmd/[email protected]: invalid version: Get "https://proxy.golang.org/google.golang.org/protobuf/cmd/protoc-gen-go/@v/1.27.0.info": x509: certificate signed by unknown authority
Resolution:
The aforementioned error stems from the Docker image's security client, in this case, Cisco AnyConnect "Umbrella," which acts as a man-in-the-middle and re-signs requests with its own certificate.
To rectify this issue, the Docker image must include the "Cisco Umbrella Root CA" certificate. Follow these steps to add the certificate:
Download the certificate:
$ wget http://www.cisco.com/security/pki/certs/ciscoumbrellaroot.cer
Convert the certificate from .cer to .crt format:
$ openssl x509 -inform DER -in ciscoumbrellaroot.cer -out ciscoumbrellaroot.crt
Copy the certificate to the certificate folder:
$ cp ciscoumbrellaroot.crt /usr/local/share/ca-certificates/ciscoumbrellaroot.crt
Update certificates:
$ update-ca-certificates
Once these steps are complete, the Docker image will be able to trust the Umbrella-resigned traffic. Consequently, go install can be executed without the aforementioned error.
The above is the detailed content of How to Fix \'Invalid Certificate\' Errors During `go install` in Docker with Cisco AnyConnect?. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
