On Friday, 10 June 2022 at 14:31:10 UTC+1 Andreas Götz wrote: > On Thursday, June 9, 2022 at 6:44:58 PM UTC+2 Brian Candler wrote: > >> I forgot to add one thing, and you didn't paste the whole certificate PEM >> so I can't check this. >> >> Recent versions of Go won't verify the certificate unless it contains a >> subjectAltName; matching against only the CN is no longer supported. >> > > I am aware of the rejection of SHA1 hashes, but not this change. Could you > kindly share the CL or release note? Much appreciated! >
In the release notes for go 1.15: https://go.dev/doc/go1.15#commonname The transitional override (GODBEUG=x509ignoreCN=0) was removed in 1.17. -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/16190f27-fdb3-4f97-a431-c3c5da247118n%40googlegroups.com.
