crypto/x509: add GODEBUG option x509ignoreCN=1
When x509ignoreCN=1 is present in GODEBUG, ignore the deprecated Common Name field. This will let people test a behavior we might make the default in the future, and lets a final class of certificates avoid the NameConstraintsWithoutSANs error. Updates #24151 Change-Id: I1c397aa1fa23777b9251c311d02558f9a5bdefc0 Reviewed-on: https://go-review.googlesource.com/123695Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Reviewed-by: Adam Langley <agl@golang.org>
Showing
Please
register
or
sign in
to comment