Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-8169

Need alternate password entry mechanism for PEM key

    XMLWordPrintableJSON

Details

    • Icon: Improvement Improvement
    • Resolution: Done
    • Icon: Critical - P2 Critical - P2
    • 2.5.0
    • None
    • Security
    • None

    Description

      A significant hurdle to getting certain software accredited is removing all cleartext passwords from persistent storage on systems. As such, using a mongod startup script that included "--sslPEMKeyPassword <yourpassword>" would be a violation. The most straightforward solution to get around this would probably be allowing for interactive password entry whenever it isn't specified in SSL mode.

      Attachments

        Activity

          People

            milkie@mongodb.com Eric Milkie
            barrie Barrie Segal
            Votes:
            1 Vote for this issue
            Watchers:
            8 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: