[DOCS-12051] Docs for SERVER-36919: Add server setParameter tlsWithholdClientCertificate (bool) - MongoDB Jira

XML

Word

Printable

JSON

Details

Type: Task
Status: Closed
Priority: Major - P3
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 4.0.3, 4.1.3, 3.6.9, 3.4.18
Component/s: manual, Server
Labels:
None

Epic Link:
DOCS: 4.2 Server/Tools

Description

Description:

When this new server parameter is specified, the mongod acting as a client during intracluster communication will NOT send its configured TLS certificate to the remote mongod.

Engineering Ticket Description:

Allow intra-cluster communications which aren't using MONGODB_X509 to establish TLS streams without using a client certificate even if one is configured for inbound connections.

Note that this setParameter will only be useful when used in connection with --tlsAllowConnectionsWithoutCertificates or similar settings which allow certificateless inbound connections.

Scope of changes

For 4.2 only:

add tlsWitholdClientCertificate as a setParameter option
Mark sslWithholdClientCertificate as a deprecated setParameter option and point to tlsWitholdClientCertificate

For 4.0.3, 3.4.18, 3.6.9:

add sslWithholdClientCertificate as a setParameter option

Attachments

Issue Links

documents

SERVER-36919 Add server setParameter tlsWithholdClientCertificate (bool)

Closed

Activity

People

Assignee:: Isabella Siu (Inactive)

Reporter:: Kay Kim (Inactive)

Participants:: Githook User, Isabella Siu, Kay Kim

Last commenter:: Jess Mokrzecki

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: Sep 12 2018 07:51:44 PM UTC

Updated:: Nov 16 2018 10:15:39 PM UTC

Resolved:: Oct 12 2018 09:17:36 PM UTC

Days since reply:: 4 years, 44 weeks, 6 days ago

Date of 1st Reply:: 26/Sep/18 9:36 PM