Uploaded image for project: 'Documentation'
  1. Documentation
  2. DOCS-12152

Clarify how to configure client certificate and CA file for oplog store and blockstore

    XMLWordPrintableJSON

Details

    Description

      Description

      In the UI for both, oplog store and blockstore configuration, we only have the `Use TLS/SSL` check box:

      However there is no way to configure client certificate location or CA file from the UI.

      I suspect that the answer is that SSL needs to be enabled for the Application Database and that mongodb.ssl.CAFile, mongodb.ssl.PEMKeyFile and mongodb.ssl.PEMKeyFilePassword from conf-mms.properties will be used for the oplog store.

      Consequently, it is not possible to use a different set of certificates for blockstore/oplog store than those that are used for the App DB.

      But it is not really obvious from the documentation:

      Scope of changes

      Impact to Other Docs

      MVP (Work and Date)

      Resources (Scope or Design Docs, Invision, etc.)

      Attachments

        Activity

          People

            tony.sansone@mongodb.com Anthony Sansone (Inactive)
            dmitry.ryabtsev@mongodb.com Dmitry Ryabtsev
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:
              4 years, 40 weeks, 4 days ago