[
https://issues.apache.org/jira/browse/MESOS-6981?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15838882#comment-15838882
]
Adam B commented on MESOS-6981:
-------------------------------
Fair point. It seems reasonable to me. [~tillt] should have further thoughts.
We've definitely run into this issue before at Mesophere.
> Allow disabling name based SSL checks
> -------------------------------------
>
> Key: MESOS-6981
> URL: https://issues.apache.org/jira/browse/MESOS-6981
> Project: Mesos
> Issue Type: Improvement
> Components: libprocess
> Reporter: Kevin Cox
> Labels: mesosphere, security
>
> Currently if you want to use verified certificates you need to enable
> validation by hostname or IP. However if you are running your own CA for
> these certificates it is often sufficient to verify solely based on the CA
> signature.
> For example if an admin wants to connect it is a pain to make sure that they
> always have a valid certificate for their IP or reverse DNS. It would be nice
> if the admin could be given a certificate that was trusted no matter where he
> is.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
