Uploaded image for project: 'Documentation'
  1. Documentation
  2. DOCS-14793

[SERVER] Investigate changes in SERVER-59528: Disable use of SCRAM-SHA1 for intra-cluster authentication or user credentials when net.tls.FIPSMode = true

    XMLWordPrintableJSON

Details

    Description

      Downstream Change Summary

      With this change, a server running in FIPS mode will have the SCRAM-SHA-1 authentication mechanism disabled by default. It may still be enabled if setParameter.authenticationMechanisms is explicitly set.

      Drivers which target MongoDB 4.0 and later are already capable of negotiating protocol and should continue to work without modification after this change.

      Description of Linked Ticket

      When FIPS mode is enabled, SCRAM-SHA1 should be disabled for intra-cluster authentication or DB user auth.

      Attachments

        Activity

          People

            ian.fogelman@mongodb.com Ian Fogelman
            backlog-server-pm Backlog - Core Eng Program Management Team
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:
              2 years, 12 weeks ago