Ergonomic, hermetic, user-friendly software build system for Python, Go, Java, Kotlin, Protobuf, Scala, Shell. Pants lets you fearlessly scale up your codebase!

Pants

Hey all, I'm trying to get mTLS to play nice between `buildfarm` and `pants` and bumping into the following error when running pants:
```Unavailable: "error trying to connect: invalid peer certificate: NotValidForName"```
The only mention I've found is <https://pantsbuild.slack.com/archives/C046T6T9U/p1720515754721519|in an older comment> suggesting adding SANS names to the certificate.
I'm using <https://github.com/bazelbuild/bazel/blob/master/src/test/testdata/test_tls_certificate/README.md?plain=1#L1|the script provided in the bazelbuild repo> to create the certificates, and also tried adding the alt name in the ca and server certs using `-addext "subjectAltName = DNS:${SERVER_CN}"` without luck.
The `SERVER_CN` name is an FQDN, and the `CLIENT_CN` has been left empty.
In the pants config I've specified the `remote_ca_certs_path`, `remote_client_certs_path`, `remote_client_key_path`, `remote_instance_name`, and `remote_store_address`.

Any pointers would be greatly appreciated. :pray:
Thank you. :slightly_smiling_face:

This seems to have been an issue with the script that was generating the certs. I'll figure out what the issue was and open a PR on buildfarm's side to update the script :slightly_smiling_face: