Comment 10 for bug 1620755

AFAIK, certificates are loaded by Go runtime.

The runtime reads the following bundle files (stops after the first one found):

var certFiles = []string{
 "/etc/ssl/certs/ca-certificates.crt", // Debian/Ubuntu/Gentoo etc.
 "/etc/pki/tls/certs/ca-bundle.crt", // Fedora/RHEL 6
 "/etc/ssl/ca-bundle.pem", // OpenSUSE
 "/etc/pki/tls/cacert.pem", // OpenELEC
 "/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem", // CentOS/RHEL 7
 "/etc/ssl/cert.pem", // Alpine Linux
}

and loads files from the following directories:

var certDirectories = []string{
 "/etc/ssl/certs", // SLES10/SLES11, https://golang.org/issue/12139
 "/system/etc/security/cacerts", // Android
 "/usr/local/share/certs", // FreeBSD
 "/etc/pki/tls/certs", // Fedora/RHEL
 "/etc/openssl/certs", // NetBSD
 "/var/ssl/certs", // AIX
}

Make sure thet either the bundle has been regenerated or the enterprise certificates are inside the right directory.