Uploaded image for project: 'Go Driver'
  1. Go Driver
  2. GODRIVER-351

Investigate Darwin root certs Go bug and workarounds

    • Type: Icon: Task Task
    • Resolution: Won't Fix
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: None
    • Component/s: Networking
    • None

      There are reports of problems reading default root CA certs from a user's keychain when a root cert pool is not provided in the TLS config. It's hard to tell the exact status, but it does not work correctly at least as of Go 1.9.4.

      Hashicorp has a workaround which we could consider adopting or adapting (and are doing so for TOOLS-1948).

      Or, if we can confirm this is fixed in some newer Go release, then we'll need to mandate that as a minimum on Darwin.

      Some relevant issues can be found with this GitHub issue search

            Assignee:
            david.golden@mongodb.com David Golden
            Reporter:
            david.golden@mongodb.com David Golden
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: