TLS intermediate CA certificate not working with macOS and 4.0.5

XMLWordPrintableJSON

    • Type: Bug
    • Resolution: Fixed
    • Priority: Major - P3
    • 4.0.8, 4.1.9
    • Affects Version/s: 4.0.5
    • Component/s: Security
    • None
    • Minor Change
    • OS X
    • v4.0
    • Hide

      See attached file repro.tar.gz and read the README.markdown file for full repro details and results

      note the file has some private keys but they were generated just for this repro

      Show
      See attached file repro.tar.gz and read the README.markdown file for full repro details and results note the file has some private keys but they were generated just for this repro
    • Security 2019-02-11, Security 2019-02-25, Security 2019-03-11
    • None
    • 3
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      Combination of the following conditions causes a failure to connect with TLS from mongo shell:

      • Server's PEMKeyFile includes the server key and cert, and also the intermediate CA cert that signed the server cert
      • mongo shell CAFile is the root CA cert that signed the intermediate cert
      • Running MongoDB 4.0.5 (does not fail on 3.6)
      • Running on macOS (does not fail on Linux)

        1. repro.tar.gz
          9 kB

              Assignee:
              Sara Golemon (Inactive)
              Reporter:
              Spencer Brown
              Votes:
              1 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: