New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
x/vgo - Custom CA certificate for dependency resolution #25500
Comments
Looks like a duplicate of #25434 . |
Is it worth making a separate discussion about allowing a custom CA inserted into the go command-line utility? I imagine that many enterprises require this functionality, and adding |
Typically enterprises will add the custom Root CA to workstation boxes, where it gets picked up by the go tool. If you can't verify the chain, it would still fall under "insecure". |
Can you expand on how this is possible? I can't find an environment variable or flag for this functionality. |
This is part of the |
...oh! I had no idea that this was the case. So long as that will remain true for vgo (I don't have the resources to claim one way or another at this moment) then this issue can be closed as a duplicate. Thank you for your patience! |
What did you do?
A simple
vgo build
results incertificate signed by unknown authority
messages due to an appliance that injects custom certificates into any HTTPS traffic.What did you expect to see?
I expect an option that allows the user to either bypass certificate verification or supports injecting an additional CA cert (or certs) into the chain.
What did you see instead?
I have discovered no such option short of modifying the vgo source code.
System details
The text was updated successfully, but these errors were encountered: