Can't prompt for PEM password with —fork

XMLWordPrintableJSON

    • Type: Bug
    • Resolution: Won't Fix
    • Priority: Major - P3
    • None
    • Affects Version/s: 2.5.2
    • Component/s: Security
    • None
    • ALL
    • Hide

      Build mongod with ssl enabled. Run something like

      mongod --sslOnNormalPorts --sslPEMKeyFile testServer.pem --sslCAFile testCA/cacert.pem --sslClusterFile testCluster.pem --clusterAuthMode x509 --fork --logpath log.out

      where one of the .pem files is password protected

      Show
      Build mongod with ssl enabled. Run something like mongod --sslOnNormalPorts --sslPEMKeyFile testServer.pem --sslCAFile testCA/cacert.pem --sslClusterFile testCluster.pem --clusterAuthMode x509 --fork --logpath log.out where one of the .pem files is password protected
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      When running a mongod with --sslPEMKeyFile or --sslClusterFile, normally the user will be prompted for their key passwords for each given key if --sslPEMKeyPassword or --sslClusertPassword are not added as command line arguments.

      However, if a user uses a password-protected keyfile without a password given as a command line argument and also uses --fork, they are never prompted for a password; mongod just fails with the message:

      ERROR: cannot read PEM key file: /home/kyle/QA/QA-339/testCluster.pem error:0906406D:PEM routines:PEM_def_callback:problems getting password

      Forking without supplying a password for a .pem file on the command line should either still prompt the user for the password, or fail with a much more specific error message.

            Assignee:
            Unassigned
            Reporter:
            Kyle Erf (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: