Details
-
Task
-
Resolution: Unresolved
-
Unknown
-
None
-
None
-
None
-
Not Needed
Description
The wrong-host.pem cert in drivers-evergreen-tools is missing the subjectAltName field and leads to a warning from pyopenssl:
[2023/02/23 20:38:07.893] test_01_aws (test.test_encryption.TestKmsTLSOptions) ... /System/Volumes/Data/data/mci/a1ed7438a8f2faff8afef48c72af9dd7/src/venv-encryption/lib/python3.9/site-packages/service_identity/pyopenssl.py:74: SubjectAltNameWarning: Certificate with CN 'wronghost.com' has no `subjectAltName`, falling back to check for a `commonName` for now. This feature is being removed by major browsers and deprecated by RFC 2818. service-identity will remove the support for it in mid-2018.
|
[2023/02/23 20:38:07.893] cert_patterns=extract_ids(connection.get_peer_certificate()),
|
We should regenerate this cert with the correct subjectAltName field.