Uploaded image for project: 'Documentation'
  1. Documentation
  2. DOCS-12152

Clarify how to configure client certificate and CA file for oplog store and blockstore

    XMLWordPrintable

Details

    • 0.2
    • KANBAN BUCKET
    • true

    Description

      Description

      In the UI for both, oplog store and blockstore configuration, we only have the `Use TLS/SSL` check box:

      However there is no way to configure client certificate location or CA file from the UI.

      I suspect that the answer is that SSL needs to be enabled for the Application Database and that mongodb.ssl.CAFile, mongodb.ssl.PEMKeyFile and mongodb.ssl.PEMKeyFilePassword from conf-mms.properties will be used for the oplog store.

      Consequently, it is not possible to use a different set of certificates for blockstore/oplog store than those that are used for the App DB.

      But it is not really obvious from the documentation:

      Scope of changes

      Impact to Other Docs

      MVP (Work and Date)

      Resources (Scope or Design Docs, Invision, etc.)

      Attachments

        Activity

          People

            tony.sansone@mongodb.com Anthony Sansone (Inactive)
            dmitry.ryabtsev@mongodb.com Dmitry Ryabtsev
            Anthony Sansone Anthony Sansone (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:
              3 years, 21 weeks, 2 days ago