pkg/transport: don't set certificates on tls config#9542
pkg/transport: don't set certificates on tls config#9542roboll wants to merge 1 commit intoetcd-io:masterfrom roboll:tls-reload
Conversation
|
Can you confirm this fixes #9541? |
|
Yeah in my tests here it definitely fixes the issue. I haven't looked at the CI failures yet. |
|
Our TLS reload was introduced since 3.2 and the go runtime logic works that way with Go 1.8 as well. So, we will backport this to 3.2 and 3.3. |
gyuho
left a comment
gyuho
left a comment
There was a problem hiding this comment.
lgtm. thanks!
will merge after CI greens.
gyuho
left a comment
gyuho
left a comment
There was a problem hiding this comment.
Actually, this somehow breaks TLS tests for certs with SAN field. Will take another look next week.
|
👍 Let me know what you need from me. |
|
hey @gyuho anything I can do to help out here? |
|
@roboll Sorry, I looked into it and found this breaks other TLS reload tests. But, still think this is the right approach. Just want to take some time to understand how Go TLS works with this change, and fix the test failures. I had to work on something else, but I should be able to get back to this by this week and plan is release this patch by next week. I will give you more updates as I investigate further. |
|
@gyuho sounds good, ping me if you need a hand otherwise I'll check back in a few days 👍. |
|
Test failures happen in our |
2 participants
Fixes #9541