Uploaded image for project: 'Drivers'
  1. Drivers
  2. DRIVERS-124

Perform SSL server certificate validation in the drivers

    XMLWordPrintableJSON

Details

    • New Feature
    • Status: Closed
    • Major - P3
    • Resolution: Fixed
    • None
    • None

    Description

      Like SERVER-10330, but for all drivers that support SSL. Drivers should by default refuse to connect to servers that present expired certificates, certificates that are not-yet-valid, certificates that do not match the host name that the client tried to connect to, certificates with bad signatures and revoked certificates, at least.

      This behavior should be configurable by client code, in case the client intentionally wishes to ignore that the server's certificate is bad.

      Attachments

        Issue Links

          Activity

            People

              barrie Barrie Segal
              schwerin@mongodb.com Andy Schwerin
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: