[ARROW-5643] [Flight] Add ability to override hostname checking - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 0.14.0
Component/s: FlightRPC
Labels:
- pull-request-available

External issue URL:
https://github.com/apache/arrow/issues/22079

Description

We should add the ability to override hostname checks, so you can connect to localhost over TLS but still verify that the certificate is for some other domain.

Example: when deploying on Kubernetes with headless services, clients connect directly to backend services and do load balancing themselves. Thus all instances of an application must present a certificate for the same hostname. To do health checks in such an environment, you can't connect to the TLS hostname (which may resolve to a different instance); you need to connect to localhost, and override the hostname check.

Attachments

Issue Links

links to

GitHub Pull Request #5

GitHub Pull Request #4608

Activity

People

Assignee:: David Li

Reporter:: David Li

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 18/Jun/19 18:54

Updated:: 11/Jan/23 07:41

Resolved:: 24/Jun/19 08:06

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

2.5h