X509: Certificate Signed by Unknown Authority (Running a Go App Inside a Docker Container)
If you ever get the following message:
x509: certificate signed by unknown authority
While running your Go app in a Docker container, there is a chance that you might not have the necessary trusted certificates installed in your Docker container. Assuming that you run your Go apps in lightweight containers, based on Scratch or Alpine, you will have to add the certificates yourselves.
On Alpine, this can be done using the default package installer:
RUN apk --no-cache add ca-certificates
Since Scratch is not based on a particular distribution you would have to download the certificates manually and add them as part of the build process:
ADD ca-certificates.crt /etc/ssl/certs/
Further Reading #
Have something to say? Join the discussion below 👇
Want to explore instead? Fly with the time capsule 🛸
You may also find these interesting
What Color is Your Type?
My struggle to choose the right type semantic and keep code consistent at the same time.
The Two Reasons I Prefer Passing Struct Pointers Around
Choosing consistency over performance.
Interfaces Are Not Meant for That
It’s time to ask ourselves how much abstraction in our Go code really makes sense.