[SERVER-17591] Add SSL flag to select supported protocols Created: 13/Mar/15  Updated: 19/Sep/15  Resolved: 20/Apr/15

Status: Closed
Project: Core Server
Component/s: Networking, Security
Affects Version/s: None
Fix Version/s: 2.6.10, 3.0.3, 3.1.2

Type: Improvement Priority: Major - P3
Reporter: Spencer Jackson Assignee: Spencer Jackson
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
Related
related to SERVER-20401 Publicly expose net.ssl.disabledProto... Closed
Backwards Compatibility: Fully Compatible
Backport Completed:
Sprint: Security 1 04/03/15, Security 2 04/24/15
Participants:

 Description   

It should be possible to pass a list of supported encryption protocols to a MongoDB server process. The server would configure OpenSSL to make and accept connections using only those protocols. A user with specialized security requirements, for example, would then be able to setup a server to only use TLS 1.2.



 Comments   
Comment by Githook User [ 22/Apr/15 ]

Author:

{u'username': u'spencerjackson', u'name': u'Spencer Jackson', u'email': u'spencer.jackson@mongodb.com'}

Message: SERVER-17591: Allow TLS protocols to be disabled
Branch: v2.6
https://github.com/mongodb/mongo/commit/30eccb4cee029a06e7f5ffcd0845c9f031d9e12b

Comment by Githook User [ 22/Apr/15 ]

Author:

{u'username': u'spencerjackson', u'name': u'Spencer Jackson', u'email': u'spencer.jackson@mongodb.com'}

Message: SERVER-17591: Allow TLS protocols to be disabled
Branch: v3.0
https://github.com/mongodb/mongo/commit/2366756e21aa4ef2d8c05502a5fe934f779ae2ff

Comment by Githook User [ 17/Apr/15 ]

Author:

{u'username': u'spencerjackson', u'name': u'Spencer Jackson', u'email': u'spencer.jackson@mongodb.com'}

Message: SERVER-17591: Allow TLS protocols to be disabled
Branch: master
https://github.com/mongodb/mongo/commit/6e9d0671458f6b4b1d12bb5285c05a18d4e80464

Comment by Githook User [ 16/Apr/15 ]

Author:

{u'username': u'spencerjackson', u'name': u'Spencer Jackson', u'email': u'spencer.jackson@mongodb.com'}

Message: Revert "SERVER-17591: Allow TLS protocols to be disabled"

This reverts commit a7c0c18303f0e485e0b4006454511ab9919def83.
Branch: master
https://github.com/mongodb/mongo/commit/df12652fc9478359b0f2ac3b373f83bd7220a3a4

Comment by Githook User [ 16/Apr/15 ]

Author:

{u'username': u'spencerjackson', u'name': u'Spencer Jackson', u'email': u'spencer.jackson@mongodb.com'}

Message: SERVER-17591: Allow TLS protocols to be disabled
Branch: master
https://github.com/mongodb/mongo/commit/a7c0c18303f0e485e0b4006454511ab9919def83

Generated at Thu Feb 08 03:44:59 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.