Loading...

XML

Word

Printable

JSON

Type: Task
Resolution: Fixed
Priority: Major - P3
Fix Version/s: 5.1.0-rc0, Server_Docs_20231030, Server_Docs_20231106, Server_Docs_20231105, Server_Docs_20231113, Server_Docs_20240319
Affects Version/s: None
Component/s: manual, Server
Labels:
None

Epic Link:
DOCSP-14300
Story Points:
3

Downstream Change Summary

With this change, a server running in FIPS mode will have the SCRAM-SHA-1 authentication mechanism disabled by default. It may still be enabled if setParameter.authenticationMechanisms is explicitly set.

Drivers which target MongoDB 4.0 and later are already capable of negotiating protocol and should continue to work without modification after this change.

Description of Linked Ticket

When FIPS mode is enabled, SCRAM-SHA1 should be disabled for intra-cluster authentication or DB user auth.

documents

SERVER-59528 Disable use of SCRAM-SHA1 for intra-cluster authentication or user credentials when net.tls.FIPSMode = true

Closed

Assignee:: Ian Fogelman

Reporter:: Backlog - Core Eng Program Management Team

Participants:: Backlog - Core Eng Program Management Team, Githook User, Ian Fogelman, PM Bot

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: Sep 14 2021 02:16:58 AM UTC

Updated:: Mar 20 2024 04:34:22 PM UTC

Resolved:: Nov 17 2021 06:49:28 PM UTC

Days since reply:: 2 years, 22 weeks, 1 day ago

Details

Description

Description of Linked Ticket

Attachments

Issue Links

Activity

People

Dates