[PR #83] Allow setting the server hostname for TLS connection #138

New issue

Open

opened 2026-05-05 11:02:18 -06:00 by gitea-mirror · 0 comments

gitea-mirror commented

2026-05-05 11:02:18 -06:00

Owner

📋 Pull Request Information

Original PR: https://github.com/mmatczuk/go-http-tunnel/pull/83
Author: @ameir
Created: 7/11/2018
Status: 🔄 Open

Base: master ← Head: allow-specify-server-hostname

📝 Commits (1)

53684ea When using SAN certs, hostname verification is enforced. If the server hostname in server_addr doesn't match one of the names in the cert, then the connection fails. This PR allows you to specify an allowed hostname. The use-case for this is that we have auto-generated certs per node in AWS, but are establishing the tunnel through an NLB. The NLB hostname does not match what is in the cert, so the connection fails without this patch.

📊 Changes

2 files changed (+15 additions, -10 deletions)

View changed files

📝 cmd/tunnel/config.go (+7 -6)
📝 cmd/tunnel/tunnel.go (+8 -4)

📄 Description

When using SAN certs, hostname verification is enforced. If the server hostname in server_addr doesn't match one of the names in the cert, thenthe connection fails. This PR allows you to specify an allowed hostname. The use-case for this is that we have auto-generated certs per node in AWS,but are establishing the tunnel through an NLB. The NLB hostname does not match what is in the cert, so the connection fails without this patch.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/mmatczuk/go-http-tunnel/pull/83 **Author:** [@ameir](https://github.com/ameir) **Created:** 7/11/2018 **Status:** 🔄 Open **Base:** `master` ← **Head:** `allow-specify-server-hostname` --- ### 📝 Commits (1) - [`53684ea`](https://github.com/mmatczuk/go-http-tunnel/commit/53684ea401e3fe42d7b29c1b83c28a3f044c97c0) When using SAN certs, hostname verification is enforced. If the server hostname in `server_addr` doesn't match one of the names in the cert, then the connection fails. This PR allows you to specify an allowed hostname. The use-case for this is that we have auto-generated certs per node in AWS, but are establishing the tunnel through an NLB. The NLB hostname does not match what is in the cert, so the connection fails without this patch. ### 📊 Changes **2 files changed** (+15 additions, -10 deletions) <details> <summary>View changed files</summary> 📝 `cmd/tunnel/config.go` (+7 -6) 📝 `cmd/tunnel/tunnel.go` (+8 -4) </details> ### 📄 Description When using SAN certs, hostname verification is enforced. If the server hostname in `server_addr` doesn't match one of the names in the cert, thenthe connection fails. This PR allows you to specify an allowed hostname. The use-case for this is that we have auto-generated certs per node in AWS,but are establishing the tunnel through an NLB. The NLB hostname does not match what is in the cert, so the connection fails without this patch. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>

gitea-mirror added the

pull-request

label 2026-05-05 11:02:18 -06:00

No labels

pull-request

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/go-http-tunnel#138

No description provided.

Rows
Columns