Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-23645

The shell does certificate hostname checking when connected to unix domain socket

    XMLWordPrintable

    Details

      Description

      mongo --ssl --sslCAFile tests/certificates/ca.pem --host /tmp/mongodb-27017.sock                                                                      
      MongoDB shell version: 3.2.4
      connecting to: /tmp/mongodb-27017.sock:27017/test
      2016-04-11T13:08:44.614-0700 E NETWORK  [thread1] The server certificate does not match the host name /tmp/mongodb-27017.sock
      2016-04-11T13:08:44.614-0700 E QUERY    [thread1] Error: socket exception [CONNECT_ERROR] for The server certificate does not match the host name /tmp/mongodb-27017.sock :
      connect@src/mongo/shell/mongo.js:226:14
      

      mongo --ssl --sslCAFile tests/certificates/ca.pem --host /tmp/mongodb-27017.sock --sslAllowInvalidHostnames
      MongoDB shell version: 3.2.4
      connecting to: /tmp/mongodb-27017.sock:27017/test
      2016-04-11T13:12:22.648-0700 W NETWORK  [thread1] The server certificate does not match the host name /tmp/mongodb-27017.sock
      Server has startup warnings: 
      

      Since Unix Domain Sockets are a different beast and it doesn't make any sense to do hostname verification.

        Attachments

          Activity

            People

            Assignee:
            adam.martin ADAM Martin (Inactive)
            Reporter:
            bjori Hannes Magnusson
            Participants:
            Votes:
            0 Vote for this issue
            Watchers:
            9 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: