[
https://issues.apache.org/jira/browse/GEODE-9396?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17451299#comment-17451299
]
ASF subversion and git services commented on GEODE-9396:
--------------------------------------------------------
Commit a24fceb4ec0ee6ff87023734757ece4d9bc71fdb in geode's branch
refs/heads/develop from Kamilla Aslami
[ https://gitbox.apache.org/repos/asf?p=geode.git;h=a24fceb ]
GEODE-9396: Translate Old Member IP to Name for Endpoint ID (#7119)
* During rolling upgrade P2P TLS handshake with members older than 1.15.0 was
failing sometimes
* because TLS (HTTP/TLS) endpoint identification failed because those member
IDs carried IP
* numbers instead of names (and no matching CN or SAN was/would be present in
the certificate).
* With this commit, we convert those IP numbers to names before attempting the
TLS handshake.
Co-authored-by: Bill Burcham <[email protected]>
Co-authored-by: Kamilla Aslami <[email protected]>
> Upgrades using SSL fail with mismatch of hostname in certificates
> -----------------------------------------------------------------
>
> Key: GEODE-9396
> URL: https://issues.apache.org/jira/browse/GEODE-9396
> Project: Geode
> Issue Type: Bug
> Components: membership
> Affects Versions: 1.15.0
> Reporter: Ernest Burghardt
> Assignee: Bill Burcham
> Priority: Major
> Labels: pull-request-available, release-blocker
>
> When upgrading from a previous version (prior to 1.14) the ssl handshake will
> fail to complete in cases where the Certificate contains a symbolic name that
> doesn't match the hostname used by the sslengine.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
