proposal: cmd/go: git repo client TLS certificate authentication support

Question

proposal: cmd/go: git repo client TLS certificate authentication support

pboguslawski opened this issue 3 years ago · 2 comments

With

myhost:~$ cat ~/.gitconfig
[user]
    name = Me
    email = me@my.email
[http]
    sslCAPath = /etc/ssl/certs
    sslVerify = true
[http "https://my.repo"]
    sslCert = /home/me/tls/my.crt
    sslKey = /home/me/tls/my.key

git allows one to authenticate to repo using https and client TLS certificates and

myhost:~$ git clone https://my.repo/me/my-project

...works fine.

But go mod tidy is unable to authenticate when fetching additional dependencies from same git service:

myhost:~$ go version
go version go1.18.1 linux/amd64
myhost:~$ export GO111MODULE=on
myhost:~$ export GOPRIVATE='my.repo'
myhost:~$ cd my-project
myhost:~/my-project$ go mod tidy
[...]
my.repo/me/my-project imports
    my.repo/me/my-lib/my-package
	my.repo/me/my-lib/my-package: cannot find module providing package my.repo/me/my-lib/my-package: unrecognized import path "my.repo/me/my-lib/my-package": https fetch: Get "https://my.repo/me/my-lib/my-package?go-get=1": remote error: tls: certificate required

Please consider adding support in go cmd for connecting to private git repos using client TLS certificates.

Similar issue: #26232

Answer 1 · 2022-06-08T16:36:43.000Z

CC @bcmills @matloob

Answer 2 · 2022-06-15T17:45:21.000Z

Duplicate of #30119