TLS connection with invalid host is blocked
IvanKostyuk opened this issue · comments
It is not good to have invalid certificate, but for development purposes the certificate does not have correct host names populated.
For example, I set up a cluster of 3 nodes with one certificate and in Java clients I said that I accept the risk.
This is how it looks in the certificate
Alternative Name:
DNS:kafka, DNS:localhost
But then, I'm trying to connect with the extension
Failed operation - Connection error: Hostname/IP does not match certificate's altnames: IP: is not in the cert's list:
It will be great, to have a checkbox an uncheck host verification.
Per my understanding, this function tls.checkServerIdentity(host, cert) should be overridden.
Is there any chance to have a contribution?