SSL Certificate Subject ALT Names with IPs or DNS: not respected with --ssl-verify-server-cert
Bug #1673656 reported by
Nickolay Ihalainen
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
MySQL Server |
Unknown
|
Unknown
|
||||
Percona Server moved to https://jira.percona.com/projects/PS | Status tracked in 5.7 | |||||
5.5 |
Fix Released
|
High
|
Yura Sorokin | |||
5.6 |
Fix Released
|
High
|
Yura Sorokin | |||
5.7 |
Fix Released
|
High
|
Yura Sorokin |
Bug Description
https:/
X509_VERIFY_
Major issue happening with Aurora cluster:
"In order to connect to the cluster endpoint using SSL, your client connection utility must support Subject Alternative Names (SAN). If your client connection utility doesn't support SAN, you can connect directly to the instances in your Aurora DB cluster. For more information on Aurora endpoints, see Aurora Endpoints."
http://
Upstream bug:
https:/
tags: | added: i177067 |
To post a comment you must log in.
https:/ /github. com/percona/ percona- server/ pull/1779 /github. com/percona/ percona- server/ pull/1780 /github. com/percona/ percona- server/ pull/1781
https:/
https:/