x509 cert error when using GOPROXY in Dockerfile

Question

Seems like this should be easy but for some reason I'm making heavy weather of it. I have private (corp) network that is giving me GOPROXY services: "https://my.corp.network/repository/golang"

In my Dockefile I have:

ENV GOPROXY=https://my.corp.network/repository/golang
COPY . .
RUN go mod download

The docker build is erroring out with this: "https://sum.golang.org/{path} x509: certificate signed by unknown authority"

Isn't the whole purpose of GOPROXY to shield me from having to interact with Internet-based sources for my go modules?

When I am not using Docker , and my go environment has this: GOPROXY="https://my.corp.network/repository/golang" , I can use go get -u github.com/gofiber/fiber/v2 and this works fine and I build my local smoke test environment.

Why is this then failing when I go to containerize the process using Docker?

Certificates in HTTPS connections are validated, no matter if this is some internal site or external site. You likely don't have the relevant CA in the trust store inside your docker container. — Steffen Ullrich, Dec 19 '21 at 18:39
@SteffenUllrich yes this was it. Thank you. I found an image in our local corp repository that as the corp cert setup properly. — Robert Campbell, Dec 21 '21 at 02:43

score 0 · Answer 1 · answered Dec 23 '21 at 13:13

0

@SteffenUllrich was correct to point out that the issue was a lack of a valid certificate. I found an image in our local corp repository that as the corp cert setup properly, and from there the rest of the Go implementation was fine.

answered Dec 23 '21 at 13:13

Robert Campbell

303
3
12

This really should be a comment not a separate answer. – DreadedFrost Dec 23 '21 at 19:08

x509 cert error when using GOPROXY in Dockerfile

1 Answers1