Details
-
Improvement
-
Resolution: Done
-
Critical - P2
-
None
Description
We need CA to make sure that the certificate provided by the client is valid.
Without CA the intruder could just generate his own certificate.
Attachments
Issue Links
- is related to
-
SERVER-14709 Server should explicitly disallow usage of X509 authentication without specifying CA
-
- Closed
-
- related to
-
DOCS-3701 mongo shell --sslCAFile needs more explanation
-
- Closed
-