[DRIVERS-2559] wrong-host.pem cert in drivers-evergreen-tools is missing subjectAltName field Created: 24/Feb/23  Updated: 28/Feb/23

Status: Backlog
Project: Drivers
Component/s: None
Fix Version/s: None

Type: Task Priority: Unknown
Reporter: Shane Harvey Assignee: Unassigned
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Driver Changes: Not Needed

 Description   

The wrong-host.pem cert in drivers-evergreen-tools is missing the subjectAltName field and leads to a warning from pyopenssl:

 [2023/02/23 20:38:07.893] test_01_aws (test.test_encryption.TestKmsTLSOptions) ... /System/Volumes/Data/data/mci/a1ed7438a8f2faff8afef48c72af9dd7/src/venv-encryption/lib/python3.9/site-packages/service_identity/pyopenssl.py:74: SubjectAltNameWarning: Certificate with CN 'wronghost.com' has no `subjectAltName`, falling back to check for a `commonName` for now.  This feature is being removed by major browsers and deprecated by RFC 2818.  service-identity will remove the support for it in mid-2018.
 [2023/02/23 20:38:07.893]   cert_patterns=extract_ids(connection.get_peer_certificate()),

https://evergreen.mongodb.com/task/mongo_python_driver_test_macos_encryption__platform~macos_1100_auth~auth_ssl~nossl_encryption~encryption_crypt_shared_test_latest_sharded_cluster_32faa261b68a2fd33c16b1ab88f97bb73b58e85d_23_02_23_19_09_11

We should regenerate this cert with the correct subjectAltName field.


Generated at Thu Feb 08 08:25:52 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.