Details
-
Bug
-
Resolution: Done
-
Major - P3
-
None
-
*Location*: https://docs.mongodb.com/manual/tutorial/configure-x509-member-authentication/
*User-Agent*: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
*Referrer*: https://www.google.com/
*Screen Resolution*: 1920 x 1200
Description
We found that when using clusterFile along with PEMKeyFile, the DN (The Organization attributes (O‘s), the Organizational Unit attributes (OU‘s), and the Domain Components (DC‘s) must match those from the certificates for the other cluster members.) must match between not only the clusterFile certs for each member, but also for the PEMKeyFile cert. This was not clear from the documentation. I'd suggest making a note specifically about this in the PEMKeyFile section of this page.