Windows task (run as system) tls: failed to verify certificate: x509: certificate signed by unknown authority #331
Comments
|
I believe Go just uses the Windows certificate store. It sounds likely that the administrator has up-to-date certificates in their user store and the certificates in the the local machine store are older. I would expect the latest certificates to be available via Windows Update for the machine store, but I am not an Windows expert. |
|
I am no expert either but I see the same Root and Intermediate certificates in the Windows certificate store when ran normally as Current User, Local Computer or even as SYSTEM user with psexec (PsExec64.exe -s -i c:\windows\system32\mmc.exe c:\windows\system32\certmgr.msc) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I have had a Windows Task Scheduler tasks (Windows Server 2019) thats updates GeoLite databases for ages, lately i have started to notice the mmdb files are not updated any longer...not entirely sure when this started, the task is ran under the SYSTEM account.
When i manually run (https://learn.microsoft.com/nl-nl/sysinternals/downloads/psexec)
PsExec64.exe -s -i C:\GeoIP\geoipupdate.exe -vRepeated error(s) returned are like:
Couldn't download GeoLite2-ASN, retrying in 364.535167ms: performing metadata request: Get "https://updates.maxmind.com/geoip/updates/metadata?edition_id=GeoLite2-ASN": tls: failed to verify certificate: x509: certificate signed by unknown authorityStrange thing... same task ran under a Administrator account works fine, also same task (running as SYSTEM) on another server (Windows Server 2022 in this case) works without problems. I am able to reproduce the issue on 2 independent Windows Server 2019 instances.
The text was updated successfully, but these errors were encountered: