Developers encounter an error when running a Docker container with GoLang's http.Client to interact with the Google API. This error stems from an issue where certificates lack trust within the container environment.
The issue arises because scratch-based Docker images lack the necessary trusted certificates. When using scratch images, developers must manually include these certificates within the image.
To resolve this issue, follow these steps:
Inject trusted certificates:
For scratch images, include the ca-certificates.crt file alongside your application code:
FROM scratch ADD ca-certificates.crt /etc/ssl/certs/ ADD main / CMD ["/main"]
For multi-stage builds where you only want certificates packaged by the distribution vendor:
FROM golang:alpine as build RUN apk --no-cache add ca-certificates WORKDIR /go/src/app COPY . . RUN CGO_ENABLED=0 go-wrapper install -ldflags '-extldflags "-static"' FROM scratch # copy the ca-certificate.crt from the build stage COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ COPY --from=build /go/bin/app /app ENTRYPOINT ["/app"]
Restart your container:
Once the certificates are injected, restart your Docker container to apply the changes.
By following these steps, you should be able to successfully use GoLang's http.Client within your Docker container without encountering the 'Certificate Signed by Unknown Authority' error.
The above is the detailed content of How to Fix 'Certificate Signed by Unknown Authority' Errors in GoLang's `http.Client` within Docker Containers?. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
