-
Notifications
You must be signed in to change notification settings - Fork 192
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
pkg: refine tls && update tidb version #323
Conversation
/run-all-tests |
@kennytm @csuzhangxc PTAL |
// client2 can't visit server | ||
_, err = ClientWithTLS(clientTLS2).Get(url) | ||
c.Assert(err, ErrorMatches, ".*tls: bad certificate") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
will the server accept client2
if the common name is localhost
(the CA's common name)?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
no, you will see the log of unit test:
2020/03/12 12:21:44 http: TLS handshake error from 127.0.0.1:51864: client certificate authentication failed. The Common Name from the client certificate [client2 localhost] was not found in the configuration cluster-verify-cn with value: [client1]
the common name already include localhost
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
What problem does this PR solve?
What is changed and how it works?
Check List
Tests