[GODRIVER-1559] Adding a tlsCertificateSelector client option Created: 07/Apr/20 Updated: 09/Jan/24 |
|
| Status: | Backlog |
| Project: | Go Driver |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Tim Fogarty | Assignee: | Unassigned |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||
| Quarter: | FY25Q1 | ||||||||||||
| Documentation Changes Summary: | 1. What would you like to communicate to the user about this feature? |
||||||||||||
| Description |
|
We've had a request in TOOLS-2362 to add a --tlsCertificateSelector option. This seems like the kind of feature that it would make sense to implement in the driver, not tools. But it looks to me like this isn't built into the Go TLS stack so might take considerable effort. crypto/x509 has SystemCertPool(), but it's broken on Windows (https://github.com/golang/go/issues/18609) and it might only get CA certs anyway, I'm not sure of the details. Do you think this is practical to implement? |