golang: HTTPS request yields "crypto/rsa: verification error"

Question

I'm having trouble accessing https urls with the net/http package.

Here's a working example of the error:

package main

import (
  "fmt"
  "net/http"
)

func main() {
  _, err := http.Get("https://api.bitfinex.com/v1/book/ltcbtc")
  if err != nil {
    fmt.Println(err)
  }
}

This program yields the error,

Get https://api.bitfinex.com/v1/book/ltcbtc: crypto/rsa: verification error

The docs for net/http clearly state,

Get, Head, Post, and PostForm make HTTP (or HTTPS) requests

but I can't find any documentation on this error.

The source for crypto/rsa only has this to say about the error:

// ErrVerification represents a failure to verify a signature.
// It is deliberately vague to avoid adaptive attacks.
var ErrVerification = errors.New("crypto/rsa: verification error")

So I'm not sure where to go from here. I'm pretty sure it's not their fault because Chrome is happy with their https certificate.

I've also tried using a Client with a tls.Config that has InsecureSkipVerify set to true, but that didn't seem to shut this error up.

Answer 1

Go uses the system root SSL certificate under linux and windows.

Given that the test works fine on my ubuntu 12.04 box with go 1.2, either

1. You are using a very old version of go
2. Your system has out of date root certificates

If you want to update your root certificates, here is a hint for windows. Googling should find you more ideas for other OSes.