Details
-
Type:
Task
-
Status: Closed (View Workflow)
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: None
-
Fix Version/s: 2.1.0
-
Component/s: TLS
-
Labels:None
-
Sprint:Sprint connector/j 2.1.0
Description
Goal is to provide a solution to valid server certificats according to hostname.
Host(IPv4/IPv6/DNS) in connection string must be valid according to certicats CN (fully qualified domain name / wildcard) and Subject Alternative Name.
(equivalent of navigator "SSL Certificate Name Mismatch Error")
example : connecting to server1.example.com must throw an error if certificat is issue to *.another.com.
This verification must be disabled by option, with a default HostnameVerifier implementation, but with a possible user implementation.
Attachments
Issue Links
- is duplicated by
-
CONJ-486 No SSL hostname verification on connect to MySQL 5.1.73
-
- Closed
-