Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-6641

Ability to configure supported ciphers when using SSL

    XMLWordPrintable

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: 2.0.6
    • Fix Version/s: 2.5.5
    • Component/s: Networking, Security
    • Labels:
      None
    • Environment:
      64-bit Linux (Centos 6.3)
    • Backwards Compatibility:
      Fully Compatible

      Description

      I am unable to find any way to specify which SSL ciphers to enable/disable. I would like to be able to disable LOW and EXP ciphers on the mongod server when using SSL.

      For Example, when mongod is running with ssl enabled on the server host the command

      echo "" | openssl s_client -cipher LOW:EXP -port 27017 -host 127.0.0.1

      should not return any supported ciphers.

        Attachments

          Issue Links

          is related to

          Improvement - An improvement or enhancement to an existing feature or task. SERVER-10520 Add SSL cipher restriction capability

          • Major - P3 - Major loss of function.
          • Closed

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: