[DOCS-15170] Mention that AA uses both server PEM and agent PEM if cluster auth mode is X509 Created: 14/Mar/22  Updated: 29/Oct/23  Resolved: 31/Mar/22

Status: Closed
Project: Documentation
Component/s: None
Affects Version/s: 4.4.5
Fix Version/s: None

Type: Task Priority: Minor - P4
Reporter: Lungang Fang Assignee: James Sanchez (Inactive)
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Participants:
Days since reply: 1 year, 45 weeks ago

 Description   

If the Cluster Auth Mode (internal authentication mode) is set to X509. In addition to connecting using the agent PEM configured in the Ops Manager web UI, Automation Agent will all establish connections using the internal auth configuration, i.e. connecting using the server PEM. This results warning message "Client connecting with server's own TLS certificate" in mongod log files. This might confuse security admins as they may not expect the such connections.

Hence I'd suggest this mentioned in the documentation (perhaps https://docs.opsmanager.mongodb.com/current/tutorial/enable-x509-authentication-for-group/) to avoid confusion.



 Comments   
Comment by Githook User [ 30/Mar/22 ]

Author:

{'name': 'mongodbchez', 'email': '90717131+mongodbchez@users.noreply.github.com', 'username': 'mongodbchez'}

Message: DOCS-15170 Mention that AA uses both server PEM and agent PEM if clus… (#4342)

  • DOCS-15170 Mention that AA uses both server PEM and agent PEM if cluster auth mode is X509
  • Update copy, remove code block, rebuild staging link
Comment by James Sanchez (Inactive) [ 30/Mar/22 ]

LGTM from lungang.fang via Slack convo. Merging

Comment by James Sanchez (Inactive) [ 30/Mar/22 ]

Hi lungang.fang the pr https://github.com/10gen/mms-docs/pull/4342 is ready for tech review. TY

Generated at Thu Feb 08 08:12:11 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.