Problem Statement/Rationale
I configured my server to require TLS connection with version no less than TLSv1.2, by mongod command args `--tlsMode requireTLS --sslDisabledProtocols TLS1_0,TLS1_1`. I can connect to my server with Mongosh, but cannot connect to it with MongoDBCompass.
Steps to Reproduce
- you can run a server with something similar as `mongod --tlsCertificateKeyFile cert.pem --tlsMode requireTLS --sslDisabledProtocols TLS1_0,TLS1_1 --auth --bind_ip_all`, in which cert.pem should be a valid certificate issued by CA and match your domain name.
- you can use MongoDBCompass to connect the server with the domain name, and set "More Options-SSL" to "System CA / Atlas Deployment",

Expected Results
MongoDBCompass should be able to connected to the server
Actual Results
MongoDBCompass cannot connected to the server
Additional Notes
With WireShark, I found that the "Client Hello" sent by MongoDBCompass in the TLS handshake procedure use TLSv1.0, so the connection cannot be established. I hope compass can upgrade the TLS version used to fix the problem. see the Wireshark capture screenshots below for details.
The overall packets
The Client Hello Packet

The Server Hello packet

Thank you!
|