Loading...

XML

Word

Printable

JSON

Type: Task
Resolution: Done
Priority: Critical - P2
Fix Version/s: v1.3.10
Affects Version/s: None
Component/s: manual
Labels:
- security-review
Environment:
http://docs.mongodb.org/manual/tutorial/configure-x509/

We need CA to make sure that the certificate provided by the client is valid.

Without CA the intruder could just generate his own certificate.

is related to

SERVER-14709 Server should explicitly disallow usage of X509 authentication without specifying CA

Closed

related to

DOCS-3701 mongo shell --sslCAFile needs more explanation

Closed

Assignee:: Unassigned

Reporter:: Alexander Komyagin (Inactive)

Participants:: Alexander Komyagin, Githook User

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: Jul 28 2014 05:56:19 PM UTC

Updated:: Apr 19 2024 05:45:54 PM UTC

Resolved:: Aug 22 2014 08:09:29 PM UTC

Days since reply:: 9 years, 36 weeks ago