Do you have a standalone reproducer of a certificate go1.17 considered valid that go1.18 does not? If so, can you file an issue at https://github.com/golang/go/issues for investigation?
On Thursday, March 24, 2022 at 2:10:10 AM UTC-4 Jim Idle wrote: > Having just upgraded to 1.18, I find that quite a few encrypted > connections, for instance https to a Neptune instance on AWS, now fail with: > > x509: “*.xxxxxxxxx.neptune.amazonaws.com” certificate is not standards > compliant > > It seems to be related to this comment: > > > https://cs.opensource.google/go/go/+/master:src/crypto/x509/root_darwin.go;l=52 > > I don’t immediately see anything on how to get around this via google > searches, though I see some changelists concerning x509 for 1.18. I am not > able to change the Neptune certificate, which may indeed not be quite > standards compliant, as the error message suggests. However, it is not just > Neptune - I see some people having issues with redid for instance. > > Apologies if this has been addressed somewhere that I have not found. > Perhaps with more time, I will find some workaround or solution, but I > thought asking here may help. > > Any input/workarounds appreciated, as well as any insight into the reason > for change. > > Jim > -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/2dcb264a-25a0-4122-ab1b-7db88aac3bcdn%40googlegroups.com.
