[DOCS-12212] Ops Manager's Client Certificate Mode option sets weakCertificateValidation instead of allowConnectionsWithoutCertificates in the mongod config Created: 16/Nov/18  Updated: 29/Oct/23  Resolved: 19/Nov/18

Status: Closed
Project: Documentation
Component/s: Ops Manager
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Minor - P4
Reporter: Mariano Escribano Assignee: Anthony Sansone (Inactive)
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Participants:
Days since reply: 5 years, 12 weeks, 2 days ago
Epic Link: DOCSP-3421
Story Points: 2

 Description   

Description

In the following page of the Ops Manager documentation: https://docs.opsmanager.mongodb.com/current/tutorial/enable-ssl-for-a-deployment/#specify-the-ssl-settings
we explain the differences between Client Certificate Mode OPTIONAL and REQUIRED, both of which directly relate to the corresponding MongoDB parameter net.ssl.allowConnectionsWithoutCertificates. However, for backwards compatibility purposes, Ops Manager still uses the deprecated but equivalent parameter net.ssl.weakCertificateValidation to reflect this setting.

Can we please amend this first sentence to make mention of the MongoDB configuration parameter that will actually get used when this mode is changed? Example:

Specify whether client TLS/SSL certificates are optional or required for every MongoDB deployment in the project. 
 
Note: For backward compatibility purposes, Ops Manager will continue using the [net.ssl.weakCertificateValidation|https://docs.mongodb.com/manual/release-notes/3.0-compatibility/#tls-ssl-configuration-option-changes] parameter to implement this in the MongoDB configuration file. 

This will prevent confusion for users who wonder what keeps adding this old parameter when their deployments are managed by Ops Manager.

Scope of changes

Impact to Other Docs

MVP (Work and Date)

Resources (Scope or Design Docs, Invision, etc.)



 Comments   
Comment by Githook User [ 20/Nov/18 ]

Author:

{'name': 'Anthony Sansone', 'email': 'tony.sansone@mongodb.com', 'username': 'atsansone'}

Message: (DOCS-12212): Updated SSL backward compatibility info.
Branch: v4.0
https://github.com/10gen/mms-docs/commit/76260dea6966962571b0b4897d0ca7916bebb317

Comment by Githook User [ 19/Nov/18 ]

Author:

{'name': 'Anthony Sansone', 'email': 'tony.sansone@mongodb.com', 'username': 'atsansone'}

Message: (DOCS-12212): Updated SSL backward compatibility info.
Branch: master
https://github.com/10gen/mms-docs/commit/2bc74bb9fd8fe060350bb5e0bb1aa76babd705a2

Generated at Thu Feb 08 08:04:41 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.