[GODRIVER-1617] add option to JUST skip hostname verification for ssl/tls Created: 14/May/20 Updated: 24/Jul/20 Resolved: 24/Jul/20 |
|
| Status: | Closed |
| Project: | Go Driver |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | New Feature | Priority: | Major - P3 |
| Reporter: | Huan Li | Assignee: | Divjot Arora (Inactive) |
| Resolution: | Won't Do | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Description |
|
Per a request in ticket Mongo tools require a flag in ClientOptions to bypass hostname validation during tls/ssl verification. And this is not possible done from client-side through tlsConfig, as from the discussion here https://github.com/golang/go/issues/21971 |
| Comments |
| Comment by Divjot Arora (Inactive) [ 24/Jul/20 ] |
|
Go's crypto/tls library doesn't offer this feature by default and actually adding it would require risky changes to disable all TLS verification and then re-enable it using tls.Config callbacks. Given the risk associated, we're closing as "Won't Do". |