grpcui icon indicating copy to clipboard operation
grpcui copied to clipboard
verified publisher icon fullstorydev

grpcui does not respect GODEBUG=x509ignoreCN=0 env var

Open pigfrown opened this issue 3 years ago • 2 comments

Attempting to connect to a grpc server where the TLS cert "relies on legacy common name" causes an error with grpcui/grpcurl.

To work around this you can set the GODEBUG=x509ignoreCN=0 env var.

grpcurl uses this env var and allows the connection, but grpcui does not.

Edit: I just tested this on a colleagues machine (ARM mac) and grpcurl also seems to ignore this env var. They are using grpcurl version 1.8.5. My grpcurl version is "grpcurl dev build " which isn't very useful. My environment is linux if that makes a difference

pigfrown avatar Jan 13 '22 11:01 pigfrown

@pigfrown, do you know in what version of the Go runtime was support for that environment variable added?

jhump avatar Feb 07 '22 17:02 jhump

GODEBUG=x509ignoreCN=0 is no longer supported after golang 1.17 maybe you can try httpClient := &http.Client{ Transport: &http.Transport{ TLSClientConfig: &tls.Config{ InsecureSkipVerify: true, }, }, }

resp, err := httpClient.Get("https://example.com")

goalkeeper1983 avatar Feb 28 '23 17:02 goalkeeper1983