go: crypto/x509: TestSystemVerify consistently failing
#!watchflakes
post <- goos == "windows" && pkg == "crypto/x509" && test == "TestSystemVerify"
https://build.golang.org/log/97b5cac923dc9079392efd9637b9fffa8b9f7592:
--- FAIL: TestSystemVerify (1.59s)
--- FAIL: TestSystemVerify/Valid (0.10s)
verify_test.go:479: unexpected error: x509: certificate signed by unknown authority
--- FAIL: TestSystemVerify/MixedCase (0.00s)
verify_test.go:479: unexpected error: x509: certificate signed by unknown authority
--- FAIL: TestSystemVerify/HostnameMismatch (0.00s)
verify_test.go:378: error was not a HostnameError: x509: certificate signed by unknown authority
--- FAIL: TestSystemVerify/IPMissing (0.00s)
verify_test.go:378: error was not a HostnameError: x509: certificate signed by unknown authority
--- FAIL: TestSystemVerify/Expired (0.00s)
verify_test.go:388: error was not Expired: x509: certificate signed by unknown authority
--- FAIL: TestSystemVerify/RootInIntermediates (0.00s)
verify_test.go:479: unexpected error: x509: certificate signed by unknown authority
--- FAIL: TestSystemVerify/SHA-384 (0.02s)
verify_test.go:514: Got 0 matches instead of 1 for expected chain [api.moip.com.br COMODO RSA Extended Validation Secure Server CA COMODO RSA Certification Authority AddTrust External CA Root]
FAIL
FAIL crypto/x509 2.845s
(attn @golang/security @dmitshur)
About this issue
- Original URL
- State: closed
- Created a year ago
- Comments: 17 (4 by maintainers)
Commits related to this issue
- crypto/x509: fix broken tests Convert TestUnknownAuthorityError to use subtests, avoiding continuing the test after an unrecoverable failure. Skip TestIssue51759 on pre-macOS 11 builders, which don'... — committed to golang/go by rolandshoemaker a year ago
- [release-branch.go1.20] crypto/x509: fix system root tests + darwin intermediate handling On Windows, replace tests which rely on a root that expired last year. On Darwin fix an test which wasn't tes... — committed to golang/go by rolandshoemaker a year ago
- [release-branch.go1.20] crypto/x509: fix broken tests Convert TestUnknownAuthorityError to use subtests, avoiding continuing the test after an unrecoverable failure. Skip TestIssue51759 on pre-macOS... — committed to golang/go by rolandshoemaker a year ago
- [release-branch.go1.19] crypto/x509: fix system root tests + darwin intermediate handling On Windows, replace tests which rely on a root that expired last year. On Darwin fix an test which wasn't tes... — committed to golang/go by rolandshoemaker a year ago
- [release-branch.go1.19] crypto/x509: fix broken tests Convert TestUnknownAuthorityError to use subtests, avoiding continuing the test after an unrecoverable failure. Skip TestIssue51759 on pre-macOS... — committed to golang/go by rolandshoemaker a year ago
- [release-branch.go1.20] crypto/x509: fix system root tests + darwin intermediate handling On Windows, replace tests which rely on a root that expired last year. On Darwin fix an test which wasn't tes... — committed to TroutSoftware/go by rolandshoemaker a year ago
- [release-branch.go1.20] crypto/x509: fix broken tests Convert TestUnknownAuthorityError to use subtests, avoiding continuing the test after an unrecoverable failure. Skip TestIssue51759 on pre-macOS... — committed to TroutSoftware/go by rolandshoemaker a year ago
I think this is something to do with an expiration — all of the builders started failing at once, even on TryBots at older base CLs (https://storage.googleapis.com/go-build-log/cd3d6904/windows-386-2016_967987aa.log).