[SERVER-7961] Use x.509 certificates for authentication - MongoDB

Details

Type: Improvement
Status: Closed
Priority: Major - P3
Resolution: Fixed
Affects Version/s: 2.3.2
Fix Version/s: 2.5.3
Component/s: Networking, Security
Labels:
None

Issue Links

has to be done after

SERVER-7202 SSL/TLS certificate validation support

Closed

has to be done before

SERVER-7455 Replace the keyfile used for replica sets with x.509 authentication

Closed

is depended on by

CSHARP-787 Support the MONGODB-X509 authentication mechanism

Closed

JAVA-871 Support the MONGODB-X509 authentication mechanism

Closed

DOCS-1575 Document use of x.509 certificates for authentication.

Closed

is related to

SERVER-9960 access violation on getCertificateName

Closed

Show 1 more links (1 is related to)

Activity

Comments

Ascending order - Click to sort in descending order

Hide

Permalink

auto (Inactive) added a comment - Jun 13 2013 10:50:58 AM +00:00

Author:

{u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}

Message: ~~SERVER-7455~~ ~~SERVER-7961~~ x.509 authentication and keyfile replacement

Basic support for x.509 authentication of clients and for internal
x.509 authentication of cluster members.
Branch: master
https://github.com/mongodb/mongo/commit/e23ee681ca40f271ddbbd840f155a9b13102f148

Show

auto (Inactive) added a comment - Jun 13 2013 10:50:58 AM +00:00 Author: {u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'} Message: SERVER-7455 SERVER-7961 x.509 authentication and keyfile replacement Basic support for x.509 authentication of clients and for internal x.509 authentication of cluster members. Branch: master https://github.com/mongodb/mongo/commit/e23ee681ca40f271ddbbd840f155a9b13102f148

Hide

Permalink

auto (Inactive) added a comment - Jun 13 2013 11:13:28 AM +00:00

Author:

{u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}

Message: ~~SERVER-7961~~ Not calling doSSLHandshake for non-SSL webserver
Branch: master
https://github.com/mongodb/mongo/commit/fc739c0a815547e405df3978bbeedf09a8dbf2d1

Show

auto (Inactive) added a comment - Jun 13 2013 11:13:28 AM +00:00 Author: {u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'} Message: SERVER-7961 Not calling doSSLHandshake for non-SSL webserver Branch: master https://github.com/mongodb/mongo/commit/fc739c0a815547e405df3978bbeedf09a8dbf2d1

Hide

Permalink

auto (Inactive) added a comment - Jun 13 2013 03:19:43 PM +00:00

Author:

{u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}

Message: ~~SERVER-7961~~ re-adding copyright notice
Branch: master
https://github.com/mongodb/mongo/commit/92d59bdabb46de6821c12affd21d180316148fdf

Show

auto (Inactive) added a comment - Jun 13 2013 03:19:43 PM +00:00 Author: {u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'} Message: SERVER-7961 re-adding copyright notice Branch: master https://github.com/mongodb/mongo/commit/92d59bdabb46de6821c12affd21d180316148fdf

Hide

Permalink

auto (Inactive) added a comment - Oct 11 2013 08:27:32 PM +00:00

Author:

{u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}

Message: ~~SERVER-7961~~ Test for x.509 client authentication
Branch: master
https://github.com/mongodb/mongo/commit/fe7933f15fb1bde83584fedc694da1b9a1fb8bc7

Show

auto (Inactive) added a comment - Oct 11 2013 08:27:32 PM +00:00 Author: {u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'} Message: SERVER-7961 Test for x.509 client authentication Branch: master https://github.com/mongodb/mongo/commit/fe7933f15fb1bde83584fedc694da1b9a1fb8bc7

Hide

Permalink

Andreas Nilsson (Inactive) added a comment - Oct 11 2013 08:29:57 PM +00:00

Not sure why this ticket had "no driver changes needed on it". Bernie Hackett and Jeff Yemin have been working with this to my knowledge.

Show

Andreas Nilsson (Inactive) added a comment - Oct 11 2013 08:29:57 PM +00:00 Not sure why this ticket had "no driver changes needed on it". Bernie Hackett and Jeff Yemin have been working with this to my knowledge.

Hide

Permalink

auto (Inactive) added a comment - Oct 11 2013 08:35:15 PM +00:00

Author:

{u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}

Message: ~~SERVER-7961~~ Fixed comment in jstest/ssl/x509_client.js
Branch: master
https://github.com/mongodb/mongo/commit/1b3bc8c3d9158cf1eac88003d1357a7b1dfed098

Show

auto (Inactive) added a comment - Oct 11 2013 08:35:15 PM +00:00 Author: {u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'} Message: SERVER-7961 Fixed comment in jstest/ssl/x509_client.js Branch: master https://github.com/mongodb/mongo/commit/1b3bc8c3d9158cf1eac88003d1357a7b1dfed098

Hide

Permalink

auto (Inactive) added a comment - Oct 11 2013 10:23:23 PM +00:00

Author:

{u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}

Message: ~~SERVER-7961~~ Adapted x509_client.js to new user document format
Branch: master
https://github.com/mongodb/mongo/commit/bb421d824fbff1c70ac94fd60772b356a2b3074e

Show

auto (Inactive) added a comment - Oct 11 2013 10:23:23 PM +00:00 Author: {u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'} Message: SERVER-7961 Adapted x509_client.js to new user document format Branch: master https://github.com/mongodb/mongo/commit/bb421d824fbff1c70ac94fd60772b356a2b3074e

People

Assignee:

Andreas Nilsson (Inactive)

Reporter:

Eric Milkie

Participants:

Andreas Nilsson, auto, Eric Milkie

Votes:

0 Vote for this issue

Watchers:

6 Start watching this issue

Dates

Created:

Dec 17 2012 03:50:22 PM +00:00

Updated:

Jul 25 2014 02:10:27 PM +00:00

Resolved:

Oct 11 2013 08:28:24 PM +00:00

Agile

View on Board