Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

invalid dnsname #84

Closed
IThawk opened this issue Oct 11, 2019 · 8 comments
Closed

invalid dnsname #84

IThawk opened this issue Oct 11, 2019 · 8 comments

Comments

@IThawk
Copy link

IThawk commented Oct 11, 2019

use this example:
Starting to serve on https://127.0.0.1:1337.
[!] Voluntary server halt due to client-connection error...
FAILED: run errorerror trying to connect: invalid dnsname
@IThawk
Copy link
Author

IThawk commented Oct 11, 2019 

let path = "D:\\workSpace\\myrust\\rust-demo\\web_tcp\\config\\sample.pem";
let f = fs::File::open(path)
    .map_err(|e| error(format!("failed to open {}: {}", path, e)))?;
let rds = io::BufReader::new(f);
let mut ca = Some(rds);
// Prepare the HTTPS connector.
println!("读取证书完成");
let https = match ca {
    Some(ref mut rd) => {
        // Build an HTTP connector which supports HTTPS too.
        let mut http = client::HttpConnector::new(4);
        http.enforce_http(false);
        // Build a TLS client, using the custom CA store for lookups.
        let mut tls = rustls::ClientConfig::new();
        tls.root_store
            .add_pem_file(rd)
            .map_err(|_| error("failed to load custom CA store".into()))?;
        // Join the above part into an HTTPS connector.
        hyper_rustls::HttpsConnector::from((http, tls))
    }
    // Default HTTPS connector.

    None => {
        println!("证书有问题!");
        hyper_rustls::HttpsConnector::new(4)
    }
};

@ctz
Copy link
Member

ctz commented Nov 7, 2019

The destination must be a hostname, not an IP address. Connecting via an IP address isn't supported currently in the rustls or webpki crates.

@ctz ctz closed this as completed Nov 7, 2019
@mcobzarenco
Copy link

This seem a pretty major limitation of rustls IMO 😞

@LucioFranco LucioFranco mentioned this issue Mar 6, 2020
Closed
alessandrod added a commit to foniod/foniod that referenced this issue Apr 23, 2020
@alessandrod
aggregations/container: use openssl to connect to the kubernetes API
89b63c7 
See rustls/hyper-rustls#84
alessandrod added a commit to foniod/foniod that referenced this issue Apr 23, 2020
@alessandrod
aggregations/container: use openssl to connect to the kubernetes API
a6674df 
See rustls/hyper-rustls#84
@ufoscout
Copy link

@ctz I guess this issue should be kept open to track the possible resolution of the problem.
In a project of my company, we had to move from rustls to openssl due to this. We would be happy to switch back to rustls when this is solved.

@lucab
Copy link
Contributor

lucab commented Jul 16, 2020

@ufoscout see #56.

@jasonish jasonish mentioned this issue Sep 2, 2020
Closed
@junlarsen junlarsen mentioned this issue Oct 2, 2020
Closed
jgrund added a commit to whamcloud/integrated-manager-for-lustre that referenced this issue Oct 2, 2020
@jgrund
Use default-tls for wbem-client
aa43630 
Due to rustls/hyper-rustls#84 and the fact that
we may use ip addresses for this endpoint, we need to switch the
wbem-client back to using openssl.

Signed-off-by: Joe Grund <jgrund@whamcloud.io>
@jgrund jgrund mentioned this issue Oct 2, 2020
Merged
jgrund added a commit to whamcloud/integrated-manager-for-lustre that referenced this issue Oct 2, 2020
@jgrund
Use default-tls for wbem-client (#2301)
62b63ba 
Due to rustls/hyper-rustls#84 and the fact that
we may use ip addresses for this endpoint, we need to switch the
wbem-client back to using openssl.

Signed-off-by: Joe Grund <jgrund@whamcloud.io>
@webern webern mentioned this issue Aug 23, 2021
Closed
@nachoparker nachoparker mentioned this issue Sep 7, 2021
Closed
@webern webern mentioned this issue Sep 21, 2021
Closed
3 tasks
@oxlade39
Copy link

oxlade39 commented Mar 4, 2022

I came across this when using rustls + hyper-rustls + hyper-proxy. I think I'm getting this error because the proxy is an IP address.

I'm not sure how to proceed here, it seems a fundamental blocker that the address must be a hostname.
Why's this been closed?

@djc
Copy link
Member

djc commented Mar 4, 2022

Because it is tracked in #56.

@oxlade39
Copy link

oxlade39 commented Mar 4, 2022

Because it is tracked in #56.

Thank you. I didn't see that.

@oxlade39 oxlade39 mentioned this issue Mar 4, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@lucab @oxlade39 @djc @ctz @mcobzarenco @ufoscout @IThawk