Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-37793

SSL - SAN parsing issue

    • Type: Icon: Bug Bug
    • Resolution: Duplicate
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: 3.6.6
    • Component/s: None
    • None
    • ALL

      Fedora 28

      MongoDB server version: 3.6.3

      I'm trying to access mongoDB via mongo shell through SSL with SAN using IP addresses:
       
      [SAN]
      subjectAltName = @alt_names
       
      [alt_names]
      IP.1 = 99.999.99.001
      IP.2 = 99.999.99.001
       
      But I always got the error:

      [thread1] Error: socket exception [CONNECT_ERROR] for The server certificate does not match the host name. Hostname: 99.999.99.999 does not match SAN(s): :
       
      Notice empty list i.e. : : after SAN(s)!
       
      Several long hours and reference searching I've got to a similar issue:
      https://jira.mongodb.org/browse/SERVER-24533

      Then I tried replace IP.1 to DNS.1:

      DNS.1 = 99.999.99.001

       

      which is not a preferred way of functionality, I guess.

       

            Assignee:
            kelsey.schubert@mongodb.com Kelsey Schubert
            Reporter:
            georgegssy George Solymosi
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: