[#CONJ-422] Provide verification of SSL Certificate Name Mismatch

[CONJ-422] Provide verification of SSL Certificate Name Mismatch Created: 2017-02-02 Updated: 2020-08-25 Resolved: 2017-06-26
Status:	Closed
Project:	MariaDB Connector/J
Component/s:	TLS
Affects Version/s:	None
Fix Version/s:	2.1.0

Type:

Task

Priority:

Major

Reporter:

Diego Dupin

Assignee:

Diego Dupin

Resolution:

Fixed

Votes:

Labels:

None

Issue Links:

Duplicate
is duplicated by	~~CONJ-486~~	No SSL hostname verification on conne...	Closed

Sprint:

Sprint connector/j 2.1.0

Description

Goal is to provide a solution to valid server certificats according to hostname.

Host(IPv4/IPv6/DNS) in connection string must be valid according to certicats CN (fully qualified domain name / wildcard) and Subject Alternative Name.
(equivalent of navigator "SSL Certificate Name Mismatch Error")

example : connecting to server1.example.com must throw an error if certificat is issue to *.another.com.

This verification must be disabled by option, with a default HostnameVerifier implementation, but with a possible user implementation.

Generated at Thu Feb 08 03:15:33 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.

[CONJ-422] Provide verification of SSL Certificate Name Mismatch Created: 2017-02-02 Updated: 2020-08-25 Resolved: 2017-06-26