Prompt for SSL key password when key is encrypted

XMLWordPrintableJSON

    • Type: New Feature
    • Resolution: Fixed
    • Priority: Major - P3
    • 100.6.0
    • Affects Version/s: None
    • Component/s: None
    • None

      Problem Statement/Rationale

      Old tools used to ask for a password interactively. This is no longer the case with new tools.

      Steps to Reproduce

      Point mongodump to a client certificate that has an encrypted private key (PKCS#5 or PKCS#8)

      Expected Results

      The utility unwraps the private key and leaves no trace of the password neither in the process table or in a configuration file on the disk

      Actual Results

      The utility fails with the can't load client certificate: no password provided to decrypt private key error

      Additional Notes

      The customer can't use a configuration file or the --sslPEMKeyPassword command-line parameter due to compliance reasons

            Assignee:
            Dave Rolsky
            Reporter:
            Andrey Brindeyev
            Tim Fogarty
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: