[SERVER-14511] Check Extended Key Usage in mongod SSL certificate on startup Created: 09/Jul/14  Updated: 06/Dec/22

Status: Backlog
Project: Core Server
Component/s: Security
Affects Version/s: 2.4.5, 2.6.3
Fix Version/s: None

Type: New Feature Priority: Major - P3
Reporter: Alexander Komyagin Assignee: Backlog - Security Team
Resolution: Unresolved Votes: 1
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
Related
Assigned Teams:
Server Security
Participants:

 Description   

If Extended Key Usage is specified, it should contain both "TLS Web Server Authentication" and "TLS Client Server Authentication", because the same cert is being used for creating and accepting internal connections in between the RS members.


Generated at Thu Feb 08 03:35:06 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.