Details
-
Task
-
Resolution: Unresolved
-
Major - P3
-
None
-
None
-
None
-
None
-
Server Security
Description
Once we use DNS -> A record resolution for round robin DNS, we need customize the TLS certificate validation to validate certificates against something other then a certificate.
Steps:
- Create a synchronous TCP connection by using Socket in src/mongo/util/net/sock.h
- Call Socket::connect()
- Call ldap_init_fd with the DNS name of the server we are connecting to instead of the IP address we connected with.
- Call ldap_install_tls if TLS
See https://pagure.io/SSSD/sssd/issue/905 for details.
Attachments
Issue Links
- is depended on by
-
SERVER-59049 Add support for round robin DNS A records
-
- Backlog
-