Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-42287

SNI names are not allowed to include IP addresses

    • Type: Icon: Bug Bug
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 4.3.1
    • Affects Version/s: None
    • Component/s: None
    • Labels:
    • Minor Change
    • ALL
    • Security 2019-07-29, Security 2019-08-12, Security 2019-08-26, Security 2019-09-09
    • 0

      Per RFC 6066:

      3. Server Name Indication
      ...
      Literal IPv4 and IPv6 addresses are not permitted in "HostName".

      MongoD currently sends 127.0.0.1 instead of localhost in local testing. Discovered when using the encrypted storage engine to talk to a kmip server using rustls.

            Assignee:
            adam.cooper@mongodb.com Adam Cooper (Inactive)
            Reporter:
            mark.benvenuto@mongodb.com Mark Benvenuto
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: