TLS requests to nomad servers failing x509 validation

[SoMuchToGrok]

Version: 0.14.2

We're running into TLS-related errors with the latest version. Haven't been able to do a deep dive yet, but it appears that the hashi-ui is trying to make TLS requests to the nomad servers using "nomad.service.consul", but those requests are failing because the servers don't have "client.global.nomad" in the X509v3 Subject Alternative Name section of their cert.

global: Get https://nomad.service.consul:4646/v1/status/leader?region=global&wait=60000ms: x509: certificate is valid for nomad-s-qa-2-217.node.consul, localhost, nomad-s-qa-2-217.node.aws-us-west-2.consul, nomad.service.aws-us-west-2.consul, nomad.service.consul, server.global.nomad, not client.global.nomad

Issue is not present in v0.13.6. I had to revert fairly quickly, so couldn't spend much time investigating. Let me know if you'd like anymore information - willing to assist in any way I can.

[jippi]

I think this is a bug in Nomad hashicorp/nomad#3013 and hashicorp/nomad#2490

I'm not doing anything different in the Go part of hashi-ui on TLS, so if it fails, it an upstream SDK bug :(

Feel free to try the latest 0.15.0 release and see if it works for you again