-
Type:
Bug
-
Status: Open (View Workflow)
-
Priority:
Major
-
Resolution: Unresolved
-
Affects Version/s: 10.4.11
-
Fix Version/s: 10.4
-
Component/s: Galera SST
-
Labels:None
-
Environment:CentOS 7.7
When using SAN certificates, the marabackup dump fails with:
E certificate is valid but its commonName does not match hostname
|
But on SAN certificates, the cn filed must be ignored and the SAN section of the cert must checked.
So
[sst]
|
encrypt=3
|
sst-syslog=1
|
tcert=PATH
|
tkey=PATH
|
Will work, but without verification.
But
[sst]
|
encrypt=3
|
sst-syslog=1
|
tcert=PATH
|
tkey=PATH
|
tca=PATH
|
fails.
So the only chance is to disable verification. 