Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-21562

SAN certificates not working (socat)

    XMLWordPrintable

Details

    • Bug
    • Status: Open (View Workflow)
    • Major
    • Resolution: Unresolved
    • 10.4.11
    • 10.4
    • Galera SST
    • None
    • CentOS 7.7

    Description

      When using SAN certificates, the marabackup dump fails with:

      E certificate is valid but its commonName does not match hostname
      

      But on SAN certificates, the cn filed must be ignored and the SAN section of the cert must checked.

      So

      [sst]
      encrypt=3
      sst-syslog=1
      tcert=PATH
      tkey=PATH
      

      Will work, but without verification.
      But

      [sst]
      encrypt=3
      sst-syslog=1
      tcert=PATH
      tkey=PATH
      tca=PATH
      

      fails.
      So the only chance is to disable verification.

      Attachments

        Activity

          People

            sysprg Julius Goryavsky
            mariaTux Frank
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.