x509: certificate signed by unknown authority

[Kevintjeb]

Hello,

While trying to receive a token, to make subsequent requests, I get the following error :

2019/01/13 18:33:09 couldn't get token: Post https://accounts.spotify.com/api/token: x509: certificate signed by unknown authority

This of course implies that the certificate, that is offered, is signed by a (to my computer) unknown authority. However, this did work sometime in November last year. So spotify changed something up I'm guessing.

Would you have an Idea how to get this working, besides authorizing the certificate?

The following code was used:

config := &clientcredentials.Config{
    ClientID:     os.Getenv("SPOTIFY_ID"),
    ClientSecret: os.Getenv("SPOTIFY_SECRET"),
    TokenURL:     spotify.TokenURL,
}
token, err := config.Token(context.Background())
if err != nil {
    log.Fatalf("couldn't get token: %v", err)
}

client := spotify.Authenticator{}.NewClient(token)

[zmb3]

This is likely something with your environment. Are you running on a corporate or hotel network by chance? Is your OS up to date?

[Kevintjeb]

Hmm.

I am not running on a corporate or hotel network, I am using the latest gen, almost fully specced macbook pro with the latest Macos Mojave version.

Also verified by using a hotspot on my phone, that shares my LTE connection.

Edit:

After testing I realised that this is probably an issue related to Traefik. Because when running the go file on its own, there is no issue. But when running it with docker compose and traefik in front of it, it doesn't work.

[Kevintjeb]

Issue was related to Docker.

For further users:

When creating a docker container using multistage builds, don't forget to copy ca-certificates. Otherwise they will not be included.