-
Type:
Improvement
-
Status: Resolved
-
Priority:
Major
-
Resolution: Won't Fix
-
Affects Version/s: None
-
Fix Version/s: None
-
Component/s: libprocess
-
Labels:
-
Epic Link:
Libprocess currently uses custom code for hostname validation in its SSL certificate verification workflow. However openssl provides a function for this, X509_check_host() .
For safety and reliability, we should enable an option to use X509_check_host() for hostname validation instead of our custom code, but preserve the custom code for backward compatibility.
- is superceded by
-
MESOS-9809 Use OpenSSL built-in functions for hostname validation
-
- Resolved
-