Details
-
Bug
-
Resolution: Done
-
Major - P3
-
mongodb-3.0
-
None
Description
http://docs.mongodb.org/manual/reference/program/mongo/
3.0 has new option sslAllowInvalidHostnames, which is documented. What doesn't appear to be documented in 3.0's new handling of hostname validation when --sslAllowInvalidHostnames is not used:
- mongod will check that the hostname of the host to which the connection was made matches the hostname in the certificate
- if --host is not specified on the command line, the mongo shell will succeed in connecting to the default of 127.0.0.1/localhost, but that will likely not match the hostname in the certificate, causing the authentication to fail with error "The server certificate does not match the host name"
Attachments
Issue Links
- related to
-
DOCS-5318 Update with new 3.0 options to SSL Configuration for Clients
-
- Closed
-