Closed jstelzer closed 2 years ago
I'm not sure about the first issue - you may want to ask on the upstream security-framework
repository.
On the second issue, Security.framework only looks at Subject Alternative Name entries on the certificate and ignores the old legacy Common Name entries. I would guess that would be your issue.
Will do, thanks.
To make this as simple as possible I've narrowed it down to this test:
I'm a novice with rust, so my apologies if this is not the right place.
On my linux box, this test passed. On my mac (M1 running v12.2.1 I get this:
That all said, I do appreciate the work that you've put into postgres/tls. The
postgres-native-tls
repo builds but unit tests fail due to the same underlying issue, i think, on macos.However, the
postgres-openssl
crate builds and all tests pass as long as I set OPENSSL_DIR and my target arch correctly. So that will do for me for now.Finally, on macos when I was testing things using your handy docker-compose yaml file, on linux things went as expected but on the macos side, i kept getting errors about the certificate. I ended up doing
on the tls connector. This seemed only to be needed for localhost and only on macos.