[SERVER-14518] Allow disabling hostname validation for SSL Created: 09/Jul/14  Updated: 27/Oct/15  Resolved: 22/Jul/14

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: None
Fix Version/s: 2.6.4, 2.7.4

Type: New Feature Priority: Major - P3
Reporter: Alexander Komyagin Assignee: Spencer Jackson
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
Related
is related to DOCS-4336 Document disabling SSL hostname valid... Closed
Backport Completed:
Participants:

 Description   

For OEM and DBaaS solutions with SSL offering, users can benefit from having the ability to disable hostname validation in mongod's (and drivers) as the exact hostnames are not known in advance. (however, CA validation is possible)



 Comments   
Comment by Githook User [ 23/Jul/14 ]

Author:

{u'name': u'Spencer Jackson', u'email': u'spencer.jackson@mongodb.com'}

Message: SERVER-14518: Allow disabling hostname validation for SSL

(cherry picked from commit 138d78bd6d3b28db332f263bd808ccb4f1ac6979)
Branch: v2.6
https://github.com/mongodb/mongo/commit/7ca4834319f8a950560e1bcb5f76366d39d9db0c

Comment by Spencer Jackson [ 22/Jul/14 ]

http://docs.mongodb.org/manual/reference/configuration-options/ should probably be updated to describe the new option.

Comment by Githook User [ 22/Jul/14 ]

Author:

{u'username': u'spencerjackson', u'name': u'spencerjackson', u'email': u'spencerandrewjackson@yahoo.com'}

Message: Merge pull request #713 from spencerjackson/SERVER-14518

SERVER-14518: Allow disabling hostname validation for SSL
Branch: master
https://github.com/mongodb/mongo/commit/0fd210a4df819253df7add4dee0a5463b1f01a4d

Comment by Githook User [ 22/Jul/14 ]

Author:

{u'username': u'spencerjackson', u'name': u'spencerjackson', u'email': u'spencerandrewjackson@yahoo.com'}

Message: Merge pull request #713 from spencerjackson/SERVER-14518

SERVER-14518: Allow disabling hostname validation for SSL
Branch: master
https://github.com/mongodb/mongo/commit/0fd210a4df819253df7add4dee0a5463b1f01a4d

Comment by Githook User [ 22/Jul/14 ]

Author:

{u'name': u'Spencer Jackson', u'email': u'spencer.jackson@mongodb.com'}

Message: SERVER-14518: Allow disabling hostname validation for SSL
Branch: master
https://github.com/mongodb/mongo/commit/138d78bd6d3b28db332f263bd808ccb4f1ac6979

Comment by Alexander Komyagin [ 09/Jul/14 ]

we might want to introduce a global "weak validation" option to encompass this and other potential knobs (like weak validation, etc.)

Generated at Thu Feb 08 03:35:07 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.