[CDRIVER-4181] Secure Channel fails TLS handshake due to hostname mismatch Created: 06/Oct/21 Updated: 07/Mar/23 |
|
| Status: | Backlog |
| Project: | C Driver |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Bug | Priority: | Minor - P4 |
| Reporter: | Ezra Chung | Assignee: | Unassigned |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Epic Link: | CDRIVER-4575 |
| Description |
|
Observed on VS 2015 variants in patch builds (one, two). Given the C driver CA certificate being registered on the system and a mock KMS server running on port 7999, the TLS handshake as initiated by test_kms_tls_cert_valid() fails with the error SSL Certification verification failed: hostname doesn't match certificate when attempting to resolve "127.0.0.1:7999", but succeeds when "localhost:7999" is provided instead. This suggests there may be a bug in the Secure Channel library's implementation of hostname resolution in the version being used by the VS 2015 variant on Evergreen. |
| Comments |
| Comment by Githook User [ 07/Sep/22 ] |
|
Author: {'name': 'Ezra Chung', 'email': '88335979+eramongodb@users.noreply.github.com', 'username': 'eramongodb'}Message:
|