Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-39217

TLS intermediate CA certificate not working with macOS and 4.0.5

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major - P3
    • Resolution: Fixed
    • 4.0.5
    • 4.0.8, 4.1.9
    • Security
    • None
    • Minor Change
    • OS X
    • v4.0
    • Hide

      See attached file repro.tar.gz and read the README.markdown file for full repro details and results

      note the file has some private keys but they were generated just for this repro

      Show
      See attached file repro.tar.gz and read the README.markdown file for full repro details and results note the file has some private keys but they were generated just for this repro
    • Security 2019-02-11, Security 2019-02-25, Security 2019-03-11

    Description

      Combination of the following conditions causes a failure to connect with TLS from mongo shell:

      • Server's PEMKeyFile includes the server key and cert, and also the intermediate CA cert that signed the server cert
      • mongo shell CAFile is the root CA cert that signed the intermediate cert
      • Running MongoDB 4.0.5 (does not fail on 3.6)
      • Running on macOS (does not fail on Linux)

      Attachments

        Activity

          People

            sara.golemon@mongodb.com Sara Golemon
            spencer.brown@mongodb.com Spencer Brown
            Votes:
            1 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: