[GODRIVER-1559] Adding a tlsCertificateSelector client option Created: 07/Apr/20  Updated: 09/Jan/24

Status: Backlog
Project: Go Driver
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Task Priority: Major - P3
Reporter: Tim Fogarty Assignee: Unassigned
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
Related
related to TOOLS-2362 Add certificate selector command-line... Accepted
Quarter: FY25Q1
Documentation Changes Summary:

1. What would you like to communicate to the user about this feature?
2. Would you like the user to see examples of the syntax and/or executable code and its output?
3. Which versions of the driver/connector does this apply to?


 Description   

We've had a request in TOOLS-2362 to add a --tlsCertificateSelector option.

This seems like the kind of feature that it would make sense to implement in the driver, not tools. But it looks to me like this isn't built into the Go TLS stack so might take considerable effort. crypto/x509 has SystemCertPool(), but it's broken on Windows (https://github.com/golang/go/issues/18609) and it might only get CA certs anyway, I'm not sure of the details.

Do you think this is practical to implement?


Generated at Thu Feb 08 08:36:39 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.