We're Moving!

The Vertica Forum is moving to a new OpenText Analytics Database (Vertica) Community.

Join us there to post discussion topics, learn about

product releases, share tips, access the blog, and much more.

Create My New Community Account Now


TLSMODE verify-full - getting confused — Vertica Forum

TLSMODE verify-full - getting confused

dimitri_pdimitri_p
in General Discussion

I found this statement in vertica documentation

VERIFY_FULL is unsupported for client-server TLS (the connection type handled by ServerTLSConfig) and behaves as VERIFY_CA.

And yet I found my vertica verifying server hostname against the server certificate when connecting from DBeaver (JDBC) in VERIFY_FULL. What does that mean, is hostname verification working or not?

Answers

  • dimitri_pdimitri_p
    edited April 2

    I think I got it. THere's a TLS mode on both the server and the client (because they each can verify each other's host names). And the one on the server will not verify client's host name even if you set tls mode to VERIFY_FULL. Did I get this right?

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Format
SpoilerCodeQuote
Heading 2Heading 1
Emoji
:):D:(;):/:o:s:p:'(:|B):#:*<3o:)>:)
Url
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file
Home General DiscussionComment As ...