Uploaded image for project: 'Compass '
  1. Compass
  2. COMPASS-4599

Convert X509 authentication SSL/TLS settings to the most secure option when possible

    XMLWordPrintableJSON

Details

    • Icon: Task Task
    • Resolution: Won't Do
    • Icon: Major - P3 Major - P3
    • No version
    • None
    • Connectivity, Security
    • None
    • 2
    • Not Needed

    Description

      The current "backward compatible" conversion from connection model to connection info will add insecure options to the connection string.

      When safe and possible we want to convert to a more secure connection string, for example with Atlas we know that we can remove tlsAllowInvalidCertificates=true and tlsAllowInvalidHostnames=true and we do not need a CA and "client private key"

      Attachments

        Activity

          People

            Unassigned Unassigned
            maurizio.casimirri@mongodb.com Maurizio Casimirri
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: