Uploaded image for project: 'C Driver'
  1. C Driver
  2. CDRIVER-2481

"-DENABLE_SSL=OPENSSL" would not allow user connect server with ip address

    • Type: Icon: Bug Bug
    • Resolution: Works as Designed
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: 1.7.0
    • Component/s: libmongoc
    • None

      mongo c driver: 1.7.0
      mongo cxx driver: r3.1.3

      if I compile the c driver with "-DENABLE_SSL=OPENSSL", I do the following tests:
      case 1: the host's cert's CN is ip address, connect with ip address, failed.
      error info:

      connection failed: No suitable servers found (`serverSelectionTryOnce` set): [TL
      S handshake failed: error:14090086:SSL routines:ssl3_get_server_certificate:cert
      ificate verify failed calling ismaster on '10.154.10.39:27017']: generic server
      error

      • case 2*: the host's cert's CN is hostname , connect with host name , successful.

      but I can connect with mongo.exe successfully for both two cases.
      what's more , such issue disappears if I compile the driver with "-DENABLE_SSL=WINDOWS"

        1. dd.png
          31 kB
          winnie_quest

            Assignee:
            jesse@mongodb.com A. Jesse Jiryu Davis
            Reporter:
            winnie_quest winnie_quest
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: