Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

"x509: certificate signed by unknown authority" when used in a container

See original GitHub issue

Description: This is a similar bug to #110, which was closed due to inactivity. A trivial setup results in an SSL error when attempting to pull a public Go package located on Github. This occurs when using the nekros/act tool to test the Workflow locally, and so this may be an issue that lies with the default runner that that tool provides.

Action version: v3

Platform:

Ubuntu
macOS
Windows

This is running on Ubuntu through WSL on Windows.

Runner type:

Hosted
Self-hosted

Tools version: go version go1.18 linux/amd64

Repro steps:

$ go install github.com/nektos/act@latest
$ mkdir -p .github/workflows
$ echo <<EOF
name: Build
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: actions/setup-go@v3
        with:
          go-version: 1.18.1
      - run: go get
EOF >> .github/workflows/
$ echo <<EOF
module example.com/my-module

require (
	github.com/RobotsAndPencils/go-saml v0.0.0-20170520135329-fb13cb52a46b
)
EOF >> go.mod
$ act

Expected behavior: Go dependencies to be downloaded into the container.

Actual behavior: Go encounters an SSL error when attempting to download the first dependency in the go.mod:

go: github.com/RobotsAndPencils/go-saml@v0.0.0-20170520135329-fb13cb52a46b: Get "https://proxy.golang.org/github.com/%21robots%21and%21pencils/go-saml/@v/v0.0.0-20170520135329-fb13cb52a46b.mod": x509: certificate signed by unknown authority

Issue Analytics

State:
Created a year ago
Comments:5 (2 by maintainers)

Top GitHub Comments

1reaction

IvanZosimovcommented, May 12, 2022

📟 Just a gentle ping, @trinitroglycerin . We are closing this issue right now, if you have any questions or additions feel free to ping us.

1reaction

mckerncommented, May 4, 2022

I also ran into this problem building in an ubuntu:22.10 container. I needed to make sure that ca-certificates were installed before trying to fetch my dependencies:

$ apt-get update && apt-get install -y --no-install-recommends ca-certificates

Top Results From Across the Web

Resolve "Certificate Signed By Unknown Authority" error in ...

The error "Certificate Signed By Unknown Authority" may indicate your Docker container lacks ca-certificates, which are used to check ...

Docker container running golang http.Client getting error ...

I started off using a SCRATCH container and am getting the error certificate signed by unknown authority upon changing to ubuntu/alpine i ...

How to fix Docker error certificate signed by unknown authority ...

1: Create a file /etc/docker/daemon.json and add insecure-registries · 2: Restart the docker daemon by executing the command · 3: Create a directory...

Logging into your docker registry fails with x509 certificate - IBM

You cannot log in to your docker registry. The error return is: x509: certificate signed by unknown authority . Cause. You are using...

Docker x509: certificate signed by unknown authority | Resolved

In order to resolve this error, we have to import the CA certificate in use by the ICP into the system keystore. Then,...