Uploaded image for project: 'Drivers'
  1. Drivers
  2. DRIVERS-2823

Ensure openssl legacy unsafe renegotiation can be configured via the MongoClient

    XMLWordPrintableJSON

Details

    • Icon: Improvement Improvement
    • Resolution: Unresolved
    • Icon: Major - P3 Major - P3
    • None
    • Security, URI Options
    • None
    • Needed

    Description

      Drivers that use TLS libraries or runtime TLS APIs based on openssl 3 may throw errors such as MongoServerSelectionError: C8320000:error:0A000152:SSL routines:final_renegotiate:unsafe legacy renegotiation disabled:c:\ws\deps\openssl\openssl\ssl\statem\extensions.c:922: in certain environments (such as when run behind corporate firewalls).

      To ensure developers can work around this, the SSL_OP_LEGACY_SERVER_CONNECT SSL option flag should be configurable via the MongoClient.

      Attachments

        Activity

          People

            shane.harvey@mongodb.com Shane Harvey
            alex.bevilacqua@mongodb.com Alex Bevilacqua
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated: