in openssl mode, cert name validation does not work properly
rgerhards opened this issue · 2 comments
rgerhards commented
In theory, this is caught by test ./tls-basic-vg.sh, but unfortunately the error is not detected by the test due to a failure in the test itself. PR #148 fixes that test bug and now experiences the problem. In order to make merging #148 possible, the test does still not fail (keeping existing bad behavior) but emits a warning message.
It looks like the cert common name (CN) is not or not properly evaluated - only dnsname seems to work (judging just from the test).
@alorbach can you pls have a look
rgerhards commented