Uploaded image for project: 'Apache Arrow'
  1. Apache Arrow
  2. ARROW-5643

[Flight] Add ability to override hostname checking

    XMLWordPrintableJSON

    Details

      Description

      We should add the ability to override hostname checks, so you can connect to localhost over TLS but still verify that the certificate is for some other domain.

      Example: when deploying on Kubernetes with headless services, clients connect directly to backend services and do load balancing themselves. Thus all instances of an application must present a certificate for the same hostname. To do health checks in such an environment, you can't connect to the TLS hostname (which may resolve to a different instance); you need to connect to localhost, and override the hostname check.

        Attachments

          Activity

            People

            • Assignee:
              lidavidm David Li
              Reporter:
              lidavidm David Li
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 2h 10m
                2h 10m