Uploaded image for project: 'C Driver'
  1. C Driver
  2. CDRIVER-4181

Secure Channel fails TLS handshake due to hostname mismatch

    XMLWordPrintableJSON

Details

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Minor - P4 Minor - P4
    • None
    • None
    • None
    • None

    Description

      Observed on VS 2015 variants in patch builds (one, two).

      Given the C driver CA certificate being registered on the system and a mock KMS server running on port 7999, the TLS handshake as initiated by test_kms_tls_cert_valid() fails with the error SSL Certification verification failed: hostname doesn't match certificate when attempting to resolve "127.0.0.1:7999", but succeeds when "localhost:7999" is provided instead. This suggests there may be a bug in the Secure Channel library's implementation of hostname resolution in the version being used by the VS 2015 variant on Evergreen.

      Attachments

        Activity

          People

            Unassigned Unassigned
            ezra.chung@mongodb.com Ezra Chung
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated: