fix: x509 error in windows7/8

component/ca/config.go

@@ -67,9 +67,6 @@ func ResetCertificate() {
 }
 
 func getCertPool() *x509.CertPool {
-	if len(trustCerts) == 0 {
-		return nil
-	}
 	if globalCertPool == nil {
 		mutex.Lock()
 		defer mutex.Unlock()

component/ca/fix_windows.go

@@ -0,0 +1,15 @@
+package ca
+
+import (
+	"golang.org/x/sys/windows"
+)
+
+func init() {
+	majorVersion, _, _ := windows.RtlGetNtVersionNumbers()
+	// crypto/x509: certificate validation in Windows fails to validate IP in SAN
+	// https://github.com/golang/go/issues/37176
+	// As far as I can tell this is still the case on most older versions of Windows (but seems to be fixed in 10)
+	if majorVersion < 10 && len(_CaCertificates) > 0 {
+		DisableSystemCa = true
+	}
+}