-
Type: Improvement
-
Resolution: Unresolved
-
Priority: Major - P3
-
None
-
Component/s: Security, URI Options
-
None
-
Needed
-
-
(copied to CRM)
Drivers that use TLS libraries or runtime TLS APIs based on openssl 3 may throw errors such as MongoServerSelectionError: C8320000:error:0A000152:SSL routines:final_renegotiate:unsafe legacy renegotiation disabled:c:\ws\deps\openssl\openssl\ssl\statem\extensions.c:922: in certain environments (such as when run behind corporate firewalls).
To ensure developers can work around this, the SSL_OP_LEGACY_SERVER_CONNECT SSL option flag should be configurable via the MongoClient.
- is related to
-
SERVER-83695 Customer facing SSL certificate errors PyMongo v6.0: "Unsafe Legacy Renegotiation"
- Closed
-
NODE-5887 Allow secureOptions to be pass to the TLS socket.
- Closed
- split to
-
CDRIVER-5512 Ensure openssl legacy unsafe renegotiation can be configured via the MongoClient
- Backlog
-
CSHARP-5008 Ensure openssl legacy unsafe renegotiation can be configured via the MongoClient
- Backlog
-
CXX-2992 Ensure openssl legacy unsafe renegotiation can be configured via the MongoClient
- Backlog
-
RUBY-3422 Ensure openssl legacy unsafe renegotiation can be configured via the MongoClient
- Backlog
-
RUST-1884 Ensure openssl legacy unsafe renegotiation can be configured via the MongoClient
- Backlog
-
PHPLIB-1411 Ensure openssl legacy unsafe renegotiation can be configured via the MongoClient
- Blocked
-
GODRIVER-3160 Ensure openssl legacy unsafe renegotiation can be configured via the MongoClient
- Closed
-
JAVA-5368 Ensure openssl legacy unsafe renegotiation can be configured via the MongoClient
- Closed
-
MOTOR-1280 Ensure openssl legacy unsafe renegotiation can be configured via the MongoClient
- Closed
-
NODE-6025 Ensure openssl legacy unsafe renegotiation can be configured via the MongoClient
- Closed
-
PYTHON-4279 Ensure openssl legacy unsafe renegotiation can be configured via the MongoClient
- Closed