This may be better asked in a k8s forum, but I'm not aware of a good one, and as I've never seen this anywhere but in Go applications, perhaps someone here will know about this.
In our enterprise, we have a bunch of k8s clusters. I have a bunch of Go code using the k8s client api to get data from those clusters. For some reason, when I attempt to connect to some of those clusters, I get a "negative serial number" error. After some digging, I found that adding "godebug (x509negativeserial=1)" to your go.mod will work around this problem. The thing is, I also wrote some code that examines the cluster cert and its serial number, and in the cases where I've gotten this error, I've never found a serial number that was negative. Perhaps it's negative if it's assumed to be a limited number of bits? I have no idea. I also saw this error today when someone tried to run "helm" to get something on an external web site, and after I did "export GODEBUG=x509negativeserial=1", that resolved that problem. Anyone know anything about this? -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/golang-nuts/05aac334-1079-48b4-b1a2-1c59ce11512fn%40googlegroups.com.
