Minor - P4
C# client libraries running on Windows 2012 R2 with select SChannel algorithms disabled as below seen from IISCrypto:
Connecting with TLS 1.2 with client certificate presented to CentoOS 7 mongod, rpm version:
Connection fails with the below log lines when full verbosity enabled:
020-05-22T03:12:54.931+0000 I NETWORK [listener] connection accepted from 10.4.3.137:62577 #85 (5 connections now open)
2020-05-22T03:12:54.931+0000 D EXECUTOR [listener] Starting new executor thread in passthrough mode
2020-05-22T03:12:54.932+0000 D NETWORK [conn85] Session from 10.4.3.137:62577 encountered a network error during SourceMessage
2020-05-22T03:12:54.932+0000 I NETWORK [conn85] end connection 10.4.3.137:62577 (4 connections now open)
Shared ciphers reported under these conditions are:
Having the C# driver connect to 'openssl s_server' with these ciphers gives a successful connection. Connecting to mongod using 'openssl s_client' with these ciphers set results in the same disconnection the C# driver sees.
Replacing mongod with a locally compiled binary of 3.6 produces a mongod that does accept connections under these conditions.