Sorry about the weird link - this is PR 5131
On 5/22/20, 1:33 PM, "Bruce Schuchardt" <bschucha...@gmail.com> wrote: I’ve been asked to propose backporting these changes to the 1.13 branch. This is a security issue – endpoint verification in servers is currently broken. That is, if you enable it you’re unable to start up a cluster. Endpoint verification requires the server-side of a tcp/ip connection to present a certificate that identifies the server by hostname. The client then checks that hostname against what it expects as part of the TLS (“SSL”) handshake. https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fapache%2Fgeode%2Fpull%2F5131&data=02%7C01%7Cbruces%40vmware.com%7Cbdbbf0ecaf9049c974b908d7fe8f62b4%7Cb39138ca3cee4b4aa4d6cd83d9dd62f0%7C0%7C1%7C637257764107593299&sdata=kSxTyXxzsavxBRD97eR8KM%2FNyuLV9XwFLun5NzLwxjs%3D&reserved=0