-
Notifications
You must be signed in to change notification settings - Fork 725
New issue
Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? # to your account
Multiple CN support for TLS connections #5134
Labels
help wanted
Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines.
type/feature-request
Categorizes issue or PR as related to a new feature.
Comments
nolouch
added
type/feature-request
Categorizes issue or PR as related to a new feature.
help wanted
Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines.
labels
Jun 9, 2022
/assign @nolouch |
17 tasks
This was referenced Apr 30, 2024
|
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
Labels
help wanted
Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines.
type/feature-request
Categorizes issue or PR as related to a new feature.
Bug Report
I want to use different CN for clients and TiKV nodes, but pd-server fails to startup if I specify more than one. I don't use TiDB layer and my clients run on a completely separate fleet and use completely separate certificates, so just do not make sense to have same CN.
What did you do?
Specify multiple values under:
as PD config accepts multiple values under security.cert-allowed-cn:
pd/conf/config.toml
Lines 34 to 35 in af174e6
What did you expect to see?
pd-server starts up and client with different CN could connect to it.
What did you see instead?
pd-server fails to start to startup due to this check:
pd/pkg/grpcutil/grpcutil.go
Lines 93 to 103 in b4c1804
What version of PD are you using (
pd-server -V
)?5.4, but the latest master has same issue
The text was updated successfully, but these errors were encountered: