Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-11030

Can't prompt for PEM password with —fork

    XMLWordPrintableJSON

Details

    • Icon: Bug Bug
    • Resolution: Won't Fix
    • Icon: Major - P3 Major - P3
    • None
    • 2.5.2
    • Security
    • None
    • ALL
    • Hide

      Build mongod with ssl enabled. Run something like

      mongod --sslOnNormalPorts --sslPEMKeyFile testServer.pem --sslCAFile testCA/cacert.pem --sslClusterFile testCluster.pem --clusterAuthMode x509 --fork --logpath log.out

      where one of the .pem files is password protected

      Show
      Build mongod with ssl enabled. Run something like mongod --sslOnNormalPorts --sslPEMKeyFile testServer.pem --sslCAFile testCA/cacert.pem --sslClusterFile testCluster.pem --clusterAuthMode x509 --fork --logpath log.out where one of the .pem files is password protected

    Description

      When running a mongod with --sslPEMKeyFile or --sslClusterFile, normally the user will be prompted for their key passwords for each given key if --sslPEMKeyPassword or --sslClusertPassword are not added as command line arguments.

      However, if a user uses a password-protected keyfile without a password given as a command line argument and also uses --fork, they are never prompted for a password; mongod just fails with the message:

      ERROR: cannot read PEM key file: /home/kyle/QA/QA-339/testCluster.pem error:0906406D:PEM routines:PEM_def_callback:problems getting password

      Forking without supplying a password for a .pem file on the command line should either still prompt the user for the password, or fail with a much more specific error message.

      Attachments

        Activity

          People

            Unassigned Unassigned
            kyle.erf Kyle Erf
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: