我正在创建一个网络应用程序,通常我使用nginx并加密我的SSL证书,这总是很好。我有nginx将流量重定向到不同的本地服务器,具体取决于子域。
但是,我决定尝试使用golang的ListenAndServeTLS功能。所以我正常设置我的句柄并通过let加密生成一些签名证书,并将证书的文件位置和密钥传递给ListenAndServeTLS函数。
现在,出于某种原因,当从浏览器访问该站点时,我没有遇到任何问题,它会验证证书并通知我我的连接是安全的但是使用curl,我得到以下响应
$ curl https://...
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
HTTPS-proxy has similar options --proxy-cacert and --proxy-insecure.
我从来没有遇到过nginx这个问题,而我只是想知道是否有人有任何建议或之前有过这个问题,并知道如何解决它。