async-tls icon indicating copy to clipboard operation
async-tls copied to clipboard

Published 20 hours ago verified publisher icon async-rs

Why do you perform domain validation on IP addresses?

Open d-e-s-o opened this issue 5 years ago • 3 comments

See above. When I try to connect to an IP address I get a complaint about an invalid domain. Other TLS crates seem fine with an IP to connect to. Why is this check in place for IP addresses?

d-e-s-o avatar Dec 28 '19 03:12 d-e-s-o

This is a missing feature in WebPKI.

Demi-Marie avatar Feb 25 '20 19:02 Demi-Marie

Just to clarify, is there any work-around to the domain validation? I want to test against a local tls server, but I'm encountering the "invalid domain" error with little additional context.

If someone could provide a solution to the error, a work-around, or resources for further reading that would be greatly appreciated.

Thanks in advance!

sachanganesh avatar Aug 04 '20 21:08 sachanganesh

The only workarounds are:

  • Implement it oneself with a custom certificate verifier.
  • Implement it oneself and get it upstreamed to WebPKI.
  • Pay Brian Smith to add support for it to WebPKI.

Demi-Marie avatar Aug 05 '20 00:08 Demi-Marie