Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-28014

When SSL mode is preferSSL, log connections that do not use SSL

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.2.14, 3.4.4, 3.5.5
    • Component/s: Security
    • Labels:
      None
    • Backwards Compatibility:
      Fully Compatible
    • Backport Requested:
      v3.4, v3.2, v3.0
    • Sprint:
      Platforms 2017-03-27
    • Case:

      Description

      When a client makes a SSL connection to the host, with certificate or not, the client metadata captured in the log does not contain SSL related information, except SERVER-24176 which logs the peersubjectName only when the client has provided a valid certificate. For a MongoDB configurations that allow SSL and non-SSL connections, this is very difficult for admins to identify if a connection from a client is SSL encrypted or not.
      It would be very useful to flag the SSL connection details for all types of SSL connections.

        Attachments

          Issue Links

          related to

          Improvement - An improvement or enhancement to an existing feature or task. SERVER-28015 Have SSL connection details in db.currentOp()

          • Major - P3 - Major loss of function.
          • Closed

            Activity

              People

              Assignee:
              samantha.ritter Samantha Ritter (Inactive)
              Reporter:
              tom.li Tom Li
              Participants:
              Votes:
              1 Vote for this issue
              Watchers:
              9 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: