Bug #97738 | cannot use Connector/NET with pem files when account uses "require subject" | ||
---|---|---|---|
Submitted: | 21 Nov 2019 18:37 | Modified: | 6 Feb 2020 22:52 |
Reporter: | Oliver Steinau | Email Updates: | |
Status: | No Feedback | Impact on me: | |
Category: | Connector / NET | Severity: | S2 (Serious) |
Version: | 8.0.18 | OS: | Windows (10) |
Assigned to: | CPU Architecture: | Any |
[21 Nov 2019 18:37]
Oliver Steinau
[21 Nov 2019 18:39]
Oliver Steinau
client certificate
Attachment: client-cert.pem (application/octet-stream, text), 1.07 KiB.
[21 Nov 2019 18:39]
Oliver Steinau
client key
Attachment: client-key.pem (application/octet-stream, text), 1.66 KiB.
[22 Nov 2019 2:19]
Bradley Grainger
It looks like Connector/NET simply uses an empty collection for the client certificates if they're supplied in PEM format: https://github.com/mysql/mysql-connector-net/blob/133dbe5a678d5bd7f1a8adffd7dc28d4f7d20d2b... This scenario works correctly in https://www.nuget.org/packages/MySqlConnector/ which dynamically creates an X.509 certificate from the client certificate PEM files and uses it for mutual authentication.
[22 Nov 2019 12:50]
Oliver Steinau
this is rediculous. Bradley, thank you for providing a working implementation.
[4 Dec 2019 5:56]
Bradley Grainger
This bug may be a duplicate of the second part of bug #95436.
[6 Jan 2020 22:52]
MySQL Verification Team
Please check for duplicate with bug https://bugs.mysql.com/bug.php?id=95436. Thanks.
[7 Feb 2020 1:00]
Bugs System
No feedback was provided for this bug for over a month, so it is being suspended automatically. If you are able to provide the information that was originally requested, please do so and change the status of the bug back to "Open".