Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-8757

Restart upgraded node with --sslWeakCertificateValidation - now works - incorrect

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Closed
    • Priority: Critical - P2
    • Resolution: Works as Designed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None

      Description

      If the upgraded 2.4.0-rc1 is restarted with --sslWeakCetificateValidation then the nodes are able to talk to one another. However --sslWeakCertificateValidation is meant to mean that a cert is not necessary, not that a cert will not be validated.

      1$ ./bin/mongod --dbpath ../mongodb-linux-x86_64-subscription-ubuntu1104-2.2.2/data/ --sslOnNormalPorts --sslPEMKeyFile ../gregorFreeBSD.pem --sslCAFile ../cacert.pem --replSet rs1 --smallfiles --sslWeakCertificateValidation

      rs1:PRIMARY> rs.status()
      {
      	"set" : "rs1",
      	"date" : ISODate("2013-02-27T12:38:26Z"),
      	"myState" : 1,
      	"members" : [
      		{
      			"_id" : 0,
      			"name" : "ip-10-227-21-162:27017",
      			"health" : 1,
      			"state" : 1,
      			"stateStr" : "PRIMARY",
      			"uptime" : 239,
      			"optime" : Timestamp(1361966564000, 1),
      			"optimeDate" : ISODate("2013-02-27T12:02:44Z"),
      			"self" : true
      		},
      		{
      			"_id" : 1,
      			"name" : "ip-10-48-238-94:27017",
      			"health" : 1,
      			"state" : 2,
      			"stateStr" : "SECONDARY",
      			"uptime" : 6,
      			"optime" : Timestamp(1361966564000, 1),
      			"optimeDate" : ISODate("2013-02-27T12:02:44Z"),
      			"lastHeartbeat" : ISODate("2013-02-27T12:38:26Z"),
      			"pingMs" : 3,
      			"errmsg" : "syncing to: ip-10-227-21-162:27017"
      		},
      		{
      			"_id" : 2,
      			"name" : "ip-10-48-238-94:30000",
      			"health" : 1,
      			"state" : 7,
      			"stateStr" : "ARBITER",
      			"uptime" : 231,
      			"lastHeartbeat" : ISODate("2013-02-27T12:38:25Z"),
      			"pingMs" : 0
      		}
      	],
      	"ok" : 1
      }

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            gregor Gregor Macadam
            Participants:
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: