Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SNOW-1858344: Add a static callback variable to HttpUtil for certificate verification #670

Open
Wyllyam73 opened this issue Jun 2, 2023 · 0 comments
Assignees
Labels
feature status-triage_done Initial triage done, will be further handled by the driver team

Comments

@Wyllyam73
Copy link

What is the current behavior?

When making connections to from AWS lambdas to snowflake servers, SSL is being rejected because of certificate name issue. We cannot fix the certificate but we know we can trust the specific certificate based on internal rules. For .NET 4.5, we used to add a custom callback on ServicePointManagerHelper so we can examine each certificate and selectively approve as needed based on specific criteria for both the host, certificate, and certificate chain. For .net core, the language removed this feature.

Currently, we are receiving this error based on how the certificate is being processed at the system level.
"The remote certificate is invalid according to the validation procedure: RemoteCertificateNameMismatch".

What is the desired behavior?

The callback function would be applied to the returned HttpMessageHandler within the HttpUtil.setupCustomHttpHandler function.

How would this improve snowflake-connector-net?

Provide users of the library with more control over certificate verification in obscure scenarios where certificate control is not possible from the server side and provide a consistent method across .net libraries for certificate analysis/processing via custom activities.

References, Other Background

What is your Snowflake account identifier, if any?

@sfc-gh-dszmolka sfc-gh-dszmolka added the status-triage_done Initial triage done, will be further handled by the driver team label Mar 12, 2024
@sfc-gh-dprzybysz sfc-gh-dprzybysz changed the title Add a static callback variable to HttpUtil for certificate verification SNOW-1858344: Add a static callback variable to HttpUtil for certificate verification Dec 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
feature status-triage_done Initial triage done, will be further handled by the driver team
Projects
None yet
Development

No branches or pull requests

4 participants