我用 go mod 所以使用了 goproxy.io ,然后今天 go get 一直报错
go get -u github.com/kataras/iris@master
go: finding github.com/kataras/iris master
go: finding github.com/kataras master
go: finding github.com master
go get github.com/kataras/iris@master: Get https://goproxy.io/github.com/kataras/iris/@v/master.info: x509: certificate has expired or is not yet valid
然后联系了项目作者,并使用如下命令排查
echo | openssl s_client -showcerts -servername g -connect goproxy.io:443 2>/dev/null | openssl x509 -inform pem -noout -text
排查结果
$ echo | openssl s_client -showcerts -servername g -connect goproxy.io:443 2>/dev/null | openssl x509 -inform pem -noout -text
Certificate:
Data:
Version: 1 (0x0)
Serial Number: 13475652372996557386 (0xbb03226fa91c0a4a)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=CN, ST=BJ, L=BJ, O=Default Company Ltd
Validity
Not Before: Jun 15 10:59:49 2018 GMT
Not After : Jun 16 10:59:49 2019 GMT
Subject: C=CN, ST=BJ, L=BJ, O=Default Company Ltd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:
00:a2:7d:88:5f:e0:3c:d0:ba:1f:c5:d9:81:31:f5:
c2:bf:59:74:5e:cd:6e:9d:52:bf:b4:5c:f1:5a:59:
a8:ec:8f:1d:01:f5:a4:66:86:a9:d3:9d:26:9d:b9:
d4:c3:bf:39:8c:a3:07:43:00:75:d3:34:1e:06:33:
04:ef:2b:46:ad:15:93:99:3c:0c:22:a1:e5:a9:08:
ce:18:c2:bc:71:d0:8f:8a:20:69:6a:ed:86:53:b4:
d1:fd:be:a2:3f:a0:3e:74:32:82:ea:40:a6:de:d9:
91:d9:bf:23:37:fa:5b:7c:c3:fc:2c:b9:38:76:37:
53:0d:42:a9:bb:4e:5b:a9:e3
Exponent: 65537 (0x10001)
Signature Algorithm: sha1WithRSAEncryption
97:f3:97:ae:c9:18:37:1b:55:61:b6:12:fe:3f:65:84:59:cf:
e5:eb:f3:cf:4a:a5:9f:fb:a2:2f:3f:71:da:b2:27:fd:b0:7f:
f2:8a:7f:28:e0:ac:77:ee:84:c5:e7:47:89:47:47:7a:a1:21:
5d:49:32:e3:a3:f8:53:0a:5b:aa:71:64:c6:39:21:4c:95:3a:
7b:d1:57:6b:72:31:c2:5b:01:02:04:a6:cb:e7:8a:61:7c:49:
6e:36:eb:74:ed:af:52:17:d7:0b:a8:88:b9:ac:a3:92:5c:ac:
7f:7f:94:88:fd:a3:64:ab:61:77:05:a4:50:b5:8f:84:d3:6f:
74:e1
然后作者给的回复
证书确实被人劫持了,你这个不是被信任的证书,有人想窥探隐私吧,正确的证书应该是
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:a1:7a:07:16:43:3c:e5:83:fc:4e:ee:5c:e9:c6:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Validity
Not Before: Jul 15 00:00:00 2019 GMT
Not After : Jul 14 23:59:59 2021 GMT
Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=gomirrors.org
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
我这边能做的非常有限,你这是本地的劫持。
或者说如果你是在公司的话,可能是公司强制做的,原因你应该明白。
现在很无奈,有哪位大佬能救救我
1
tankren 2019-08-04 14:44:29 +08:00 via Android
中间人吧
|
2
lcdtyph 2019-08-04 16:22:16 +08:00 via iPhone
挂梯子…
|
3
wonderingray 2019-08-10 00:33:09 +08:00 via iPad
试试 goproxy.cn 呀,比这个 io 的快好多呢,阿里云的那个也比 io 的快呀,目前所有已知代理的测试结果里 io 是最慢的了,搞不懂为啥大家都要用它。。。
|