就像Berkant评论说的那样,"这意味着你的应用运行的安装的CA无法确认证书"。

最好的办法是检查你的主机的证书是否有效并正确配置。如果你的主机使用的是你自己的证书,最好是把它添加到你的系统文库的 knows 证书中。你也可以把它添加到 golang 本身,或者忽略它。

要把自己的证书添加到 golang 中,请看这个答案。

然后像下面这样设置客户端。

要忽略它,gosoap.Client有一个Client字段,允许设置http.Client,但必须在调用gosoap.SoapClient后才能设置,所以你需要模仿gosoap.SoapClient:

func SoapClient(wsdl string) (*gosoap.Client, error) {
    _, err := url.Parse(wsdl)
    if err != nil {
        return nil, err
    }

    tr := &http.Transport{
        TLSClientConfig: &tls.Config{InsecureSkipVerify : true},
    }

    //client := &http.Client{Transport: tr}//1: if you wanna add only soap headers
    client := &http.Client{Transport: NewAddHeaderTransport(tr)}//1: if you wanna add http headers

    //2: if you wann add soap headers, soap.Client has HeaderName and HeaderParams field

   soapClient := &gosoap.Client{
        HttpClient:      client,
        WSDL:        wsdl,
        URL:         strings.TrimSuffix(d.TargetNamespace, "/"),
    }

    err := getWsdlDefinitions(wsdl, &soapClient.Definitions, client)
    if err != nil {
        return nil, err
    }

    return soapClient, nil
}

//we use interface{} since gosoap.wsdlDefinitions is unexported
func getWsdlDefinitions(u string, wsdl interface{}, client *http.Client) (err error) {
    r, err := client.Get(u)
    if err != nil {
        return err
    }
    defer r.Body.Close()

    decoder := xml.NewDecoder(r.Body)
    decoder.CharsetReader = charset.NewReaderLabel
    return decoder.Decode(wsdl)
}

type AddHeaderTransport struct {
    T http.RoundTripper
}

func (adt *AddHeaderTransport) RoundTrip(req *http.Request) (*http.Response, error) {
    req.Header.Add("Your-Header", "your header value")
    return adt.T.RoundTrip(req)
}

func NewAddHeaderTransport(T http.RoundTripper) *AddHeaderTransport {
    if T == nil {
        T = http.DefaultTransport
    }
    return &AddHeaderTransport{T}
}