Uploaded image for project: 'Go Driver'
  1. Go Driver
  2. GODRIVER-351

Investigate Darwin root certs Go bug and workarounds

    XMLWordPrintableJSON

Details

    • Icon: Task Task
    • Resolution: Won't Fix
    • Icon: Major - P3 Major - P3
    • None
    • None
    • Networking
    • None

    Description

      There are reports of problems reading default root CA certs from a user's keychain when a root cert pool is not provided in the TLS config. It's hard to tell the exact status, but it does not work correctly at least as of Go 1.9.4.

      Hashicorp has a workaround which we could consider adopting or adapting (and are doing so for TOOLS-1948).

      Or, if we can confirm this is fixed in some newer Go release, then we'll need to mandate that as a minimum on Darwin.

      Some relevant issues can be found with this GitHub issue search

      Attachments

        Activity

          People

            david.golden@mongodb.com David Golden
            david.golden@mongodb.com David Golden
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: