Added the following changes: - hostname validation and static CRL options for client certificate authentication - Fix for starting mysql on when not using docker-machine with docker overlay2 fs - Negative tests for: - No client cert - Client cert signed by untrusted root - Client cert signed by an intermediate cert that is not a CA - Client cert with wrong hostname - Expired client cert - Client cert has been revoked in static CRL file - Positive test for: - 3-part cert chain (root->intermediate->client cert) - Added two more services to the integration tests: - Router with permissive TLS client auth settings (no hostname verification or revocation) - Router with TLS client auth turned off
[ Full content available at: https://github.com/apache/incubator-druid/pull/6076 ] This message was relayed via gitbox.apache.org for [email protected]
