As a disclaimer, I am not a TLS certificate expert.
I’ve opted to use/download Redis’ generated (from the GUI) certificate bundle in order to establish a TLS connection between my Go client (go-redis) and my Redis DB. Redis’ generated certificates do not include a SAN field.
Unfortunately it seems like Go’s standard library method for verifying certificates no longer supports certificates without SANs:
So Go’s crypto/x509 library returns the following error:
“x509: certificate relies on legacy Common Name field, use SANs instead”
Curious if anyone has ran into this issue as well or if Redis Labs has any intention of using SANs in their generated TLS certificates.
Go version: 1.18.3