[DOCS-3701] mongo shell --sslCAFile needs more explanation Created: 03/Jul/14  Updated: 16/Mar/15  Resolved: 25/Aug/14

Status: Closed
Project: Documentation
Component/s: manual
Affects Version/s: None
Fix Version/s: v1.3.10

Type: Task Priority: Major - P3
Reporter: Cory Mintz Assignee: Michael Paik
Resolution: Done Votes: 0
Labels: security-review
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
Related
is related to DOCS-3834 Update docs to reflect that CA is man... Closed
Participants:
Days since reply: 9 years, 25 weeks, 2 days ago

 Description   

The docs page for connecting to a SSL-enabled mongod (http://docs.mongodb.org/manual/tutorial/configure-ssl-clients/) does not explain the importance of the --sslCAFile flag. Without it there is no verification of the server certificate.



 Comments   
Comment by Githook User [ 25/Aug/14 ]

Author:

{u'username': u'mpaik', u'name': u'Michael Paik', u'email': u'michael.paik@10gen.com'}

Message: DOCS-3701-re-redux: fixyfixy

Signed-off-by: Sam Kleinman <samk@10gen.com>
Branch: master
https://github.com/mongodb/docs/commit/c9b112a1933b7e9ebbc6433106a75a26b6746389

Comment by Githook User [ 25/Aug/14 ]

Author:

{u'username': u'mpaik', u'name': u'Michael Paik', u'email': u'michael.paik@10gen.com'}

Message: DOCS-3701-re-redux, revert bad edit

Signed-off-by: Sam Kleinman <samk@10gen.com>
Branch: master
https://github.com/mongodb/docs/commit/5c9fa16d94fb45d708badb041db0b5249de717ab

Comment by Githook User [ 25/Aug/14 ]

Author:

{u'username': u'mpaik', u'name': u'Michael Paik', u'email': u'michael.paik@10gen.com'}

Message: DOCS-3701-re-redux

Signed-off-by: Sam Kleinman <samk@10gen.com>
Branch: master
https://github.com/mongodb/docs/commit/f2b8924448cb5885083bfd30b09fb38e6a3e9a49

Comment by Githook User [ 22/Aug/14 ]

Author:

{u'username': u'tychoish', u'name': u'Sam Kleinman', u'email': u'samk@10gen.com'}

Message: DOCS-3701: edit
Branch: master
https://github.com/mongodb/docs/commit/241b548fca93deabf18beb420e9a357c87b69787

Comment by Githook User [ 22/Aug/14 ]

Author:

{u'username': u'mpaik', u'name': u'Michael Paik', u'email': u'michael.paik@10gen.com'}

Message: DOCS-3701 fixes for ref pages
Branch: master
https://github.com/mongodb/docs/commit/3e2a0ccbddf7e635d224c672edcb78d49b5256e6

Comment by Githook User [ 22/Aug/14 ]

Author:

{u'username': u'tychoish', u'name': u'Sam Kleinman', u'email': u'samk@10gen.com'}

Message: DOCS-3701 DOCS-3736 DOCS-3834: edits
Branch: master
https://github.com/mongodb/docs/commit/de8a82c91e612944955db05e9f4dfda358b554ab

Comment by Githook User [ 22/Aug/14 ]

Author:

{u'username': u'mpaik', u'name': u'Michael Paik', u'email': u'michael.paik@10gen.com'}

Message: DOCS-3701-3736-3834, various fixes for x.509 related to specified tickets.
Branch: master
https://github.com/mongodb/docs/commit/4da78c2517f9e62a65c0a5ef32750003b9ee8ba5

Comment by Andreas Nilsson [ 03/Jul/14 ]

I agree 100%. Btw, the server emits a warning if starting without the sslCAFile parameter but enabling SSL.

There is an existing DOCS ticket to improve the SSL docs page, especially talking about our incorrect focus on self-signed certificates. This should probably be linked to that ticket.

Generated at Thu Feb 08 07:46:19 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.