We downgraded from Golang 1.10 to Golang 1.9. We found a breaking change in Golang 1.10 that the parsing of x509 certificates is much stricter. Github issues on the regression here and here. We plan to upgrade to Golang 1.10 when a fix is released for this issue.