[CSHARP-2230] TLS Certificate validation fails with RemoteCertificateNameMismatch Created: 29/Mar/18 Updated: 05/Apr/19 Resolved: 25/May/18 |
|
| Status: | Closed |
| Project: | C# Driver |
| Component/s: | Connectivity |
| Affects Version/s: | 2.4.4, 2.5 |
| Fix Version/s: | None |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Dane Barentine | Assignee: | Vincent Kam (Inactive) |
| Resolution: | Done | Votes: | 0 |
| Labels: | question | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: |
ASP.NET core 2.0 |
||
| Description |
|
When trying to connect to a MongoDB replica set via TLS I'm getting a RemoteCertificateNameMismatch error. This only happens when running in the docker container (not sure if it's a Linux thing or just Docker) and runs absolutely fine on Windows. The Subject of the certificate looks like: The connection string looks similar to: I thought maybe it was a .NET core issue on Linux. But I created a simple http call to a URI that also uses a wildcard certificate and it worked fine. |
| Comments |
| Comment by Vincent Kam (Inactive) [ 25/May/18 ] |
|
Closing this issue since we haven't heard anything further. We can re-open the issue if new information becomes available. |
| Comment by Vincent Kam (Inactive) [ 04/Apr/18 ] |
|
I don't believe it is an SNI issue referenced since the driver throws a different exception in that case (i.e. "MongoDB.Driver.MongoCommandException: Command isMaster failed: no SNI name sent, make sure using a MongoDB 3.4+ driver/shell"). I also don't believe its a wildcard issue because Atlas uses certificates with wildcards for the Common Name, and the C# Driver can connect to Atlas on Linux without any issues. I would recommend asking the providers of mongodirector.com for additional assistance. |
| Comment by Dane Barentine [ 29/Mar/18 ] |
|
I'm wondering if this is related: https://github.com/dotnet/corefx/issues/17427 |