Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-14511

Check Extended Key Usage in mongod SSL certificate on startup

    XMLWordPrintableJSON

Details

    • Icon: New Feature New Feature
    • Resolution: Unresolved
    • Icon: Major - P3 Major - P3
    • None
    • 2.4.5, 2.6.3
    • Security
    • None
    • Server Security

    Description

      If Extended Key Usage is specified, it should contain both "TLS Web Server Authentication" and "TLS Client Server Authentication", because the same cert is being used for creating and accepting internal connections in between the RS members.

      Attachments

        Activity

          People

            backlog-server-security Backlog - Security Team
            alex.komyagin@mongodb.com Alexander Komyagin
            Votes:
            1 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated: