[COMPASS-4599] Convert X509 authentication SSL/TLS settings to the most secure option when possible Created: 02/Feb/21  Updated: 02/Sep/22  Resolved: 02/Sep/22

Status: Closed
Project: Compass
Component/s: Connectivity, Security
Affects Version/s: None
Fix Version/s: No version

Type: Task Priority: Major - P3
Reporter: Maurizio Casimirri Assignee: Unassigned
Resolution: Won't Do Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
depends on COMPASS-5148 Create `connect-form` package Closed
Related
is related to COMPASS-5232 Add connection `TLS/SSL` tab form inputs Closed
Story Points: 2
Documentation Changes: Not Needed

 Description   

The current "backward compatible" conversion from connection model to connection info will add insecure options to the connection string.

When safe and possible we want to convert to a more secure connection string, for example with Atlas we know that we can remove tlsAllowInvalidCertificates=true and tlsAllowInvalidHostnames=true and we do not need a CA and "client private key"



 Comments   
Comment by Maurizio Casimirri [ 02/Sep/22 ]

Not doing this anymore, customer did not report issues with the transition to new connection models

Generated at Wed Feb 07 22:36:54 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.