Prompt for SSL key password when key is encrypted

XMLWordPrintableJSON

    • Type: New Feature
    • Resolution: Fixed
    • Priority: Major - P3
    • 100.6.0
    • Affects Version/s: None
    • Component/s: None
    • None

      Problem Statement/Rationale

      Old tools used to ask for a password interactively. This is no longer the case with new tools.

      Steps to Reproduce

      Point mongodump to a client certificate that has an encrypted private key (PKCS#5 or PKCS#8)

      Expected Results

      The utility unwraps the private key and leaves no trace of the password neither in the process table or in a configuration file on the disk

      Actual Results

      The utility fails with the can't load client certificate: no password provided to decrypt private key error

      Additional Notes

      The customer can't use a configuration file or the --sslPEMKeyPassword command-line parameter due to compliance reasons

              Assignee:
              Dave Rolsky
              Reporter:
              Andrey Brindeyev
              Tim Fogarty
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: