-
Type: Task
-
Resolution: Won't Fix
-
Priority: Major - P3
-
None
-
Affects Version/s: None
-
Component/s: Networking
-
None
There are reports of problems reading default root CA certs from a user's keychain when a root cert pool is not provided in the TLS config. It's hard to tell the exact status, but it does not work correctly at least as of Go 1.9.4.
Hashicorp has a workaround which we could consider adopting or adapting (and are doing so for TOOLS-1948).
Or, if we can confirm this is fixed in some newer Go release, then we'll need to mandate that as a minimum on Darwin.
Some relevant issues can be found with this GitHub issue search
- is duplicated by
-
GODRIVER-835 Querying Atlas sandbox cluster returns server selection timeout
- Closed
- related to
-
GODRIVER-643 Verify server certificates using CAs in system certificate stores
- Closed