-
Type: Task
-
Resolution: Fixed
-
Priority: Major - P3
-
Affects Version/s: None
-
Labels:None
Description
In our tutorial to enforce key access control in replica sets without downtime, the last paragraph of step nine, reads:
At the end of this step, all secondaries and arbiters should be up and running with internal authentication configured, but without security.keyFile. Clients can only connect to these mongod instances by using the configured client authentication mechanism.
I believe it was meant to say "but without security.transitionToAuth" because "security.keyFile" is meant to stay there after the procedure is finished. Otherwise, authentication won't work (at least from the steps given up to that point and after in the tutorial).