Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-36250

Add support for optionally logging specific negotiated TLS versions

    XMLWordPrintableJSON

Details

    • Task
    • Status: Closed
    • Minor - P4
    • Resolution: Fixed
    • None
    • 3.4.19, 3.6.9, 4.0.4, 4.1.4
    • None
    • None
    • Fully Compatible
    • v4.0, v3.6, v3.4
    • Platforms 2018-08-27, Security 2018-09-10, Security 2018-09-24
    • 0

    Description

      A flag and config flag needs to be added so that the server will log TLS connections of a specific set of versions.

      Possible syntax:
      --tlsLogTLSVersions=[TLS1_0, TLS1_1, TLS1_2]

      This will log to the log file as:
      Accepted from TLS Version 1.0 from connection 127.0.0.1

      CC cory.mintz

      Attachments

        Issue Links

          causes

          Bug - A problem which impairs or prevents the functions of the product. SERVER-45803 mongodecrypt needs a ServiceContext

          • Major - P3 - Major loss of function.
          • Closed
          is related to

          Improvement - An improvement or enhancement to an existing feature or task. SERVER-34558 Add SSL_version to client metadata logging

          • Major - P3 - Major loss of function.
          • Closed
          related to

          Bug - A problem which impairs or prevents the functions of the product. SERVER-37130 Add TLS version counting to mongos

          • Major - P3 - Major loss of function.
          • Closed

          Activity

            People

              mark.benvenuto@mongodb.com Mark Benvenuto
              mark.benvenuto@mongodb.com Mark Benvenuto
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: