[DOCS-11560] Docs for SERVER-33833: Change macOS SSL and Enterprise builds to SecureTransport Created: 09/Apr/18  Updated: 29/Oct/23  Resolved: 25/Jul/18

Status: Closed
Project: Documentation
Component/s: None
Affects Version/s: None
Fix Version/s: 3.7.4, 4.0.0-rc0

Type: Task Priority: Major - P3
Reporter: Kay Kim (Inactive) Assignee: Kay Kim (Inactive)
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Documented
documents SERVER-33833 Change macOS SSL and Enterprise build... Closed
Duplicate
Related
is related to DOCS-11856 Update SSL/TLS Configuration Tutorial... Closed
is related to DOCS-11654 Docs for SERVER-34390: Make OS X bina... Closed
Participants:
Days since reply: 5 years, 29 weeks ago
Epic Link: DOCS: 4.0 Server

 Description   

Documentation Request Summary:

This change makes NativeTLS the default build mode for OSX binaries. See PM-305 for a full list of the changes this represents including:

  • (/)Support for TLS 1.1 and 1.2 (DOCS-11654)
  • Support for Security Keychain and System CA (DOCS-11426)
  • Remove of some OpenSSL specific esoteric functionality.
  •  Backwards Breaking Change: Encrypted PEM files are not supported on Apple (lacks ability to decode PEMs encrypted with AES) and Windows (no support at all) (DOCS-11608)
    • Current Plan Of Record is to advise customers to use certificate selectors as more secure alternative
  • On macOS, sslCRLFile is not supported.

Engineering Ticket Description:

Change the macOS SSL and Enterprise builds to use "--ssl-provider=native".

Create an OpenSSL daily build variant to ensure it continues to work.

Scope of changes:

  • core/security-encryption-at-rest
  • tutoria/configure-encryption
  • source/includes/options-conf.yaml

Impact to other docs outside of this product:

MVP:

Resources:



 Comments   
Comment by Githook User [ 25/Jul/18 ]

Author:

{'username': 'kay-kim', 'name': 'kay', 'email': 'kay.kim@10gen.com'}

Message: DOCS-11856,DOCS-11560: update openssl refs, alternative on windows for no AES support
Branch: master
https://github.com/mongodb/docs/commit/0ae7287ff23ba16c766344adeb054937550b27db

Generated at Thu Feb 08 08:03:06 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.