Python client adds unexpected riak@ to certificate CN check [JIRA: CLIENTS-753] #433
Description
In https://github.com/basho/riak-python-client/blame/master/riak/transports/pbc/connection.py#L133 the prefix riak@ is added to the SSL certificate host check. Therefore the CN or SAN records of the server certificate need to be riak@<hostname> or riak@<ip_addr>`, whereas it's common practice to issue server certificate for the host-name or ip address of the server. The client behaviour is therefore unexpected. Furthermore, this behaviour is unique to the python and ruby clients and generally completely undocumented in Riak's server documentation.
The test certificate has a CN record of [email protected], which should be changed accordingly.