Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-36250

Add support for optionally logging specific negotiated TLS versions

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Closed
    • Priority: Minor - P4
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.4.19, 3.6.9, 4.0.4, 4.1.4
    • Component/s: None
    • Labels:
      None
    • Backwards Compatibility:
      Fully Compatible
    • Backport Requested:
      v4.0, v3.6, v3.4
    • Sprint:
      Platforms 2018-08-27, Security 2018-09-10, Security 2018-09-24
    • Linked BF Score:
      0

      Description

      A flag and config flag needs to be added so that the server will log TLS connections of a specific set of versions.

      Possible syntax:
      --tlsLogTLSVersions=[TLS1_0, TLS1_1, TLS1_2]

      This will log to the log file as:
      Accepted from TLS Version 1.0 from connection 127.0.0.1

      CC Cory Mintz

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: