Skip to content

Commit

Permalink
Set the ServerName for TLS configuration (#988)
Browse files Browse the repository at this point in the history 
When TLS hostname validation used for the MySQL connection, the
ServerName property needs to be set so that it knows which name to
validate on the certificate.

Without this option and with InsecureSkipVerify set to false, validation
will error here with a fatal error otherwise:

```
FATAL tls: either ServerName or InsecureSkipVerify must be specified in the tls.Config
```
  • Loading branch information
@dbussink
dbussink authored Jun 17, 2021
1 parent 9bc508f commit 40acde0
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions go/mysql/connection.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,6 +92,7 @@ func (this *ConnectionConfig) UseTLS(caCertificatePath, clientCertificate, clien
}

this.tlsConfig = &tls.Config{
ServerName: this.Key.Hostname,
Certificates: certs,
RootCAs: rootCertPool,
InsecureSkipVerify: allowInsecure,
Expand Down

0 comments on commit 40acde0

Please sign in to comment.