TLSMODE verify-full - getting confused
I found this statement in vertica documentation
VERIFY_FULL is unsupported for client-server TLS (the connection type handled by ServerTLSConfig) and behaves as VERIFY_CA.
And yet I found my vertica verifying server hostname against the server certificate when connecting from DBeaver (JDBC) in VERIFY_FULL. What does that mean, is hostname verification working or not?
0
Answers
I think I got it. THere's a TLS mode on both the server and the client (because they each can verify each other's host names). And the one on the server will not verify client's host name even if you set tls mode to VERIFY_FULL. Did I get this right?