Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-31701

Shell cannot connect with --ssl to a mongod with TLS1_0 disabled

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Major - P3
    • Resolution: Unresolved
    • Affects Version/s: 3.4.9
    • Component/s: Shell
    • Labels:
      None

      Description

      Shell cannot connect to mongod with TLS1_0 disabled

      The mongod log file

      tail mongod.log
      2017-10-24T14:13:27.180-0400 I CONTROL  [initandlisten]
      2017-10-24T14:13:27.180-0400 I CONTROL  [initandlisten] ** WARNING: No SSL certificate validation can be performed since no CA file has been provided
      2017-10-24T14:13:27.180-0400 I CONTROL  [initandlisten] **          Please specify an sslCAFile parameter.
      2017-10-24T14:13:27.180-0400 I CONTROL  [initandlisten]
      2017-10-24T14:13:27.182-0400 I FTDC     [initandlisten] Initializing full-time diagnostic data capture with directory '/data/diagnostic.data'
      2017-10-24T14:13:27.182-0400 I NETWORK  [thread1] waiting for connections on port 27017 ssl
      2017-10-24T14:13:28.011-0400 I FTDC     [ftdc] Unclean full-time diagnostic data capture shutdown detected, found interim file, some metrics may have been lost. OK
      2017-10-24T14:13:29.984-0400 I NETWORK  [thread1] connection accepted from 127.0.0.1:53537 #1 (1 connection now open)
      2017-10-24T14:13:29.984-0400 E NETWORK  [conn1] SSL: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
      2017-10-24T14:13:29.984-0400 I -        [conn1] end connection 127.0.0.1:53537 (1 connection now open)
      

        Attachments

          Activity

            People

            Assignee:
            backlog-server-security Backlog - Security Team
            Reporter:
            vick.mena Vick Mena
            Participants:
            Votes:
            0 Vote for this issue
            Watchers:
            9 Start watching this issue

              Dates

              Created:
              Updated: