Bug #85435 Expose SSL/TLS hostname validation state in workbench
Submitted: 14 Mar 2017 9:10 Modified: 17 Mar 2017 5:46
Reporter: Daniël van Eeden (OCA) Email Updates:
Status: Verified Impact on me:
Category:MySQL Workbench: SQL Editor Severity:S4 (Feature request)
Version:6.3.9 OS:Any
Assigned to: CPU Architecture:Any
Tags: SSL, tls

[14 Mar 2017 9:10] Daniël van Eeden
Currently workbench shows this in the "Session" status:

Name:  testhost
Host: testhost.example.com
Port: 3306
Server: MySQL Community Server (GPL)
Version: 5.6.35-log
Connector: C++ 1.1.8
Login User: myuser
Current User: myuser@10.%
SSL: Using AES256-SHA

This is good, but it would be nice to add something to indicate hostname validation status.

How to repeat:
See description

Suggested fix:
Host: testhost.example.com (secure)
Host: testhost.example.com (certificate for foobar.example.com)


Certificate: Valid, hostname: testhost.example.com
Certificate: NOT valid, certificate hostname: foo.example.com

So show if hostname and/or ca validation is enabled and even if it is not enabled show if the hostname matches the cerfificate.

Basically look at what browsers do..
[14 Mar 2017 9:11] Daniël van Eeden
Related to https://bugs.mysql.com/bug.php?id=75313
[17 Mar 2017 5:46] MySQL Verification Team
Hello Daniël,

Thank you for the report and feature request!