-
Type: Bug
-
Resolution: Done
-
Priority: Major - P3
-
Affects Version/s: mongodb-3.0
-
Component/s: manual
-
Labels:None
http://docs.mongodb.org/manual/reference/program/mongo/
3.0 has new option sslAllowInvalidHostnames, which is documented. What doesn't appear to be documented in 3.0's new handling of hostname validation when --sslAllowInvalidHostnames is not used:
- mongod will check that the hostname of the host to which the connection was made matches the hostname in the certificate
- if --host is not specified on the command line, the mongo shell will succeed in connecting to the default of 127.0.0.1/localhost, but that will likely not match the hostname in the certificate, causing the authentication to fail with error "The server certificate does not match the host name"
- related to
-
DOCS-5318 Update with new 3.0 options to SSL Configuration for Clients
- Closed