go - How to solve x509: certificate has expired or is not yet valid when doing http requests

Question

I have a web server that gets it's certs from golang.org/x/crypto/acme/autocert

I run it on a VM.

Relevante code:

cache := autocert.DirCache("cert")

certManager := autocert.Manager{
    Prompt:     autocert.AcceptTOS,
    HostPolicy: autocert.HostWhitelist(common.ConfHost.GetString(), "www."+common.ConfHost.GetString()),
    Email:      common.ConfEmail.GetString(),
    Cache:      cache,
}

This is what I'm using for HTTP Requests: resp, err := http.DefaultClient.Get(url)

When I try to fetch from a specific API, I get this error: x509: certificate has expired or is not yet valid current time 2020-12-28T17:29:37Z is after 2020-12-26T08:22:28Z

But it only happens to that specific API. I've tried a few others and they all worked.

The code was working until the 26th of December, when the certificate expired.

On the other hand, I wrote a main.go to test without all the certificates that I have to use on my webserver just to test. When I run the code on my local machine I get the response from the API without any issues.

This is the main.go file: https://play.golang.org/p/-EB9DIjJYQO

How can I fix this issue?

Answer 1

the current status of the package you are using

This package is a work in progress and makes no API stability promises.

it's hard to tell why that API doesn't work like others, could be something in your code or the package it-self.

you may try certmagic package and test your code against it, it's fully matured and in production already.