[SERVER-59062] Streamline SSL layer for better X509 infrastructure support - MongoDB Jira

XML

Word

Printable

Details

Type: Task
Status: Closed
Priority: Major - P3
Resolution: Duplicate
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
None

Description

Instead of having separate CA vs CusterCA, we should have a single CA with role separation: e.g.: allow specifying limitations on which CA can be used for what purpose. Specifically, to pin X509 authorization to a specific roots only

Attachments

Activity

People

Assignee:: Backlog - Security Team

Reporter:: Sergey Galtsev

Participants:: Backlog - Security Team, Sergey Galtsev

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: Aug 03 2021 03:51:42 PM UTC

Updated:: Aug 11 2021 12:26:21 PM UTC

Resolved:: Aug 11 2021 12:26:21 PM UTC