1.5.53 October 9th, 2025
Akka.NET v1.5.53 is a security patch containing important fixes for TLS/SSL hostname validation and improved error diagnostics for certificate authentication issues.
Security Fixes:
- Fix TLS hostname validation bug and add configurable validation - Fixes a critical bug where TLS clients validated against their own certificate DNS name instead of the remote server address, particularly affecting mutual TLS scenarios. This release also adds a new
validate-certificate-hostnameconfiguration option toakka.remote.dot-netty.tcp(defaults tofalsefor backward compatibility) and introduces type-safe validation APIs through the newTlsValidationCallbacksfactory class.
Improvements:
- Improve TLS/SSL certificate error messages during handshake failures - Provides human-readable, actionable error messages for TLS/SSL certificate validation failures with detailed troubleshooting guidance, significantly improving the developer experience when configuring certificate-based authentication.
1 contributor since release 1.5.52
| COMMITS | LOC+ | LOC- | AUTHOR |
|---|---|---|---|
| 2 | 1060 | 77 | Aaron Stannard |
To see the full set of changes in Akka.NET v1.5.53, click here
Changes:
- dfee7bb Prepare v1.5.53 release
- 4eaf307 Fix TLS hostname validation bug and add configurable validation (#7897) [ #7893 ]
- 8644c59 Improve TLS/SSL certificate error messages during handshake failures (#7891) [ #7890 ]
This list of changes was auto generated.