Sorry about the weird link - this is PR 5131
On 5/22/20, 1:33 PM, "Bruce Schuchardt" <bschucha...@gmail.com> wrote:
I’ve been asked to propose backporting these changes to the 1.13 branch.
This is a security issue – endpoint verification in servers is currently
broken. That is, if you enable it you’re unable to start up a cluster.
Endpoint verification requires the server-side of a tcp/ip connection to
present a certificate that identifies the server by hostname. The client then
checks that hostname against what it expects as part of the TLS (“SSL”)
handshake.
https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fapache%2Fgeode%2Fpull%2F5131&data=02%7C01%7Cbruces%40vmware.com%7Cbdbbf0ecaf9049c974b908d7fe8f62b4%7Cb39138ca3cee4b4aa4d6cd83d9dd62f0%7C0%7C1%7C637257764107593299&sdata=kSxTyXxzsavxBRD97eR8KM%2FNyuLV9XwFLun5NzLwxjs%3D&reserved=0
